Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-29923

SASL authentication session factory should use dynamically LDAP server list

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 3.7.2
    • Affects Version/s: 3.4.5
    • Component/s: Security, Usability
    • None
    • Fully Compatible
    • ALL
    • Platforms 2018-02-12

      The SASL authentication session factory uses the presence of an LDAP server in the startup flags to figure out if it should route PLAIN authentication attempts on $external to the native LDAP authentication code. However, if no LDAP server was set on startup, but one was specified dynamically via a setParameter, the factory will not realize that it can produce a native LDAP SASL session, and will incorrectly produce a CyrusSasl authentication session, which will try to use saslauthd which may not be configured.

            Assignee:
            spencer.jackson@mongodb.com Spencer Jackson
            Reporter:
            spencer.jackson@mongodb.com Spencer Jackson
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: