Loading...

XML

Word

Printable

JSON

Type: New Feature
Resolution: Done
Priority: Major - P3
Fix Version/s: 2.7.8
Affects Version/s: None
Component/s: Security
Labels:
- pull-request

This protocol is a cryptographically more sophisticated variant of Mongo's basic authentication. Mongo still stores a hash of the user's password and it uses a challenge-response protocol. It will have the advantage for some users of being a well-known and studied protocol.

depends on

SERVER-14830 SCRAM-SHA-1 conversations fail to complete

Closed

SERVER-15177 Use native SCRAM-SHA-1 in Enterprise version

Closed

is depended on by

JAVA-828 Support SASL SCRAM-SHA1 authentication

Closed

JAVA-1461 Support authentication mechanism negotiation

Closed

CSHARP-990 Implement SCRAM-SHA-1 Authentication Mechanism

Closed

DRIVERS-166 Implement the SCRAM-SHA-1 SASL Mechanism

Closed

SERVER-7648 Support Use of FIPS 140-2 Compliant Crypto Library

Closed

is related to

SERVER-16167 2.8.0-rc0 shell can't auth to a 2.4 server

Closed

related to

SERVER-15270 Starting mongod with SCRAM-SHA-1 does't actually create SCRAM-SHA-1 credentials

Closed

SERVER-2360 Add a stronger password authentication scheme (replace md5 with sha?)

Closed

SERVER-15330 Bump maxWireProtocolVersion for 2.8 features

Closed

links to

Pull Request #772

Pull Request #859

Pull Request #863

(2 is depended on by, 1 is related to, 3 related to, 3 links to)

Assignee:: Andreas Nilsson

Reporter:: Andy Schwerin

Participants:: Andreas Nilsson, Andy Schwerin, Githook User

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: Nov 08 2012 08:12:24 PM UTC

Updated:: Jul 11 2016 05:56:28 PM UTC

Resolved:: Oct 22 2014 06:11:07 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates