Compass / COMPASS-5905

Remove password field from Kerberos

Details

    • Task
    • Resolution: Fixed
    • Major - P3
    • 1.32.4
    • None
    • Connectivity
    • None
    • 1
    • Not Needed
    • Iteration Eel, Iteration Fish

    Description

      Remove the password field from Kerberos by default and hide it behind the feature flag: process.env.COMPASS_ENABLE_KERBEROS_PASSWORD_FIELD

      For context, this field should only rarely be necessary, as a last resort in environments where Kerberos auth is not working as intended. But it causes issues with a working setup: customers reported that users try to fill in the field and potentially expose their system password through the connection string and screencasts.
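
The exposure path described above, as an added sketch that is not Compass source code: when the flag is off, a password embedded in a Kerberos (authMechanism=GSSAPI) connection string is dropped before the string is shown or stored. The function names, the "true" flag convention and the sample URI are assumptions made for illustration.

```javascript
// Added example, not Compass code.
// Assumption: the flag counts as enabled only when set to the string "true".
function kerberosPasswordFieldEnabled(env = process.env) {
  return env.COMPASS_ENABLE_KERBEROS_PASSWORD_FIELD === 'true';
}

// Split a MongoDB URI into scheme, userinfo, host list and the remainder.
function splitMongoUri(uri) {
  const m = /^(mongodb(?:\+srv)?:\/\/)([^/?]*)(.*)$/s.exec(uri);
  if (!m) throw new Error('not a MongoDB connection string');
  const [, scheme, authority, rest] = m;
  // '@' inside a username or password must be percent-encoded,
  // so the last '@' separates userinfo from the hosts.
  const at = authority.lastIndexOf('@');
  const userinfo = at === -1 ? null : authority.slice(0, at);
  const hosts = at === -1 ? authority : authority.slice(at + 1);
  return { scheme, userinfo, hosts, rest };
}

// True when the query string selects Kerberos (authMechanism=GSSAPI).
function isKerberos(rest) {
  const q = rest.indexOf('?');
  if (q === -1) return false;
  for (const [key, value] of new URLSearchParams(rest.slice(q + 1))) {
    if (key.toLowerCase() === 'authmechanism') return value === 'GSSAPI';
  }
  return false;
}

// Drop the password from a Kerberos URI unless the feature flag is on.
function stripKerberosPassword(uri, env = process.env) {
  const { scheme, userinfo, hosts, rest } = splitMongoUri(uri);
  const colon = userinfo === null ? -1 : userinfo.indexOf(':');
  if (colon === -1 || !isKerberos(rest) || kerberosPasswordFieldEnabled(env)) {
    return { uri, passwordRemoved: false };
  }
  const principal = userinfo.slice(0, colon);
  return { uri: `${scheme}${principal}@${hosts}${rest}`, passwordRemoved: true };
}

// Constructed sample: a user typed their system password into the field.
const SAMPLE_URI =
  'mongodb://alice%40EXAMPLE.COM:hunter2@db.example.com:27017/' +
  '?authMechanism=GSSAPI&authSource=%24external';
console.log(stripKerberosPassword(SAMPLE_URI, {}));
```
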

          People

            anna.henningsen@mongodb.com Anna Henningsen
            maurizio.casimirri@mongodb.com Maurizio Casimirri