I have a Mongodb 3.0 cluster running (with WiredTiger and SCRAM authentication).
I have an application which only works with mongodb 2.6, so I set up a 2.6 replica node, and set it as a hidden node as per: http://docs.mongodb.org/manual/tutorial/configure-a-hidden-replica-set-member/
The issue is that the authentication scheme used on the main cluster is not available on mongodb 2.6 (SCRAM-SHA-1) and downgrading the existing cluster to MONGO-CR is not an option.
http://docs.mongodb.org/master/release-notes/3.0-scram/
Is there a way to have separate MONGO-CR credentials on this single replica (even if those credentials are not synchronized with the primary cluster nodes?)
Is there a workaround by using the authentication key for the client to connect? This is how the node was added to the cluster ie:
security:
authorization: enabled
keyFile: /var/lib/mongodb/mongodb-keyfile
If I start the hidden replica with authentication disabled and no keyFile, then anybody can connect to ANY collection that is replicated from the main cluster - which is not an option even with strong firewalling.