-
Type: New Feature
-
Resolution: Done
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: Security
This protocol is a cryptographically more sophisticated variant of Mongo's basic authentication. Mongo still stores a hash of the user's password and it uses a challenge-response protocol. It will have the advantage for some users of being a well-known and studied protocol.
- depends on
-
SERVER-14830 SCRAM-SHA-1 conversations fail to complete
- Closed
-
SERVER-15177 Use native SCRAM-SHA-1 in Enterprise version
- Closed
- is depended on by
-
JAVA-828 Support SASL SCRAM-SHA1 authentication
- Closed
-
JAVA-1461 Support authentication mechanism negotiation
- Closed
-
CSHARP-990 Implement SCRAM-SHA-1 Authentication Mechanism
- Closed
-
DRIVERS-166 Implement the SCRAM-SHA-1 SASL Mechanism
- Closed
-
SERVER-7648 Support Use of FIPS 140-2 Compliant Crypto Library
- Closed
- is related to
-
SERVER-16167 2.8.0-rc0 shell can't auth to a 2.4 server
- Closed
- related to
-
SERVER-15270 Starting mongod with SCRAM-SHA-1 does't actually create SCRAM-SHA-1 credentials
- Closed
-
SERVER-2360 Add a stronger password authentication scheme (replace md5 with sha?)
- Closed
-
SERVER-15330 Bump maxWireProtocolVersion for 2.8 features
- Closed
- links to