Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Fixed
Priority: Minor - P4
Fix Version/s: 3.6.2
Affects Version/s: None
Component/s: Authentication
Labels:
None

Case:
Confidence Status:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Link:
None
Goal Name(s):
None

A JVM bug, originally reported in https://stackoverflow.com/questions/46971788/java-cipher-pbe-thread-safety-issue, can cause SCRAM-SHA-1 authentication to intermittently fail.

Synchronizing access to the java.security.Key instance used in com.mongodb.connection.ScramSha1Authenticator.ScramSha1SaslClient#hi has been demonstrated to be an effective workaround to the bug, as suggested in JDK-8055183

JDK bug links:

Assignee:: Jeffrey Yemin
Reporter:: Jeffrey Yemin
Reviewers:: None
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Created:: Jan 22 2018 01:58:22 PM UTC
Updated:: Oct 28 2023 11:23:00 AM UTC
Resolved:: Jan 22 2018 04:38:03 PM UTC
Confidence Status Last Update:: 22/Jan/18 1:58 PM

Details

Description

Attachments

Forms

Activity

People

Dates