Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-14906

Kerberos Login Mapping Functionality

    XMLWordPrintableJSON

Details

    • Server Security

    Description

      Allow for custom mappings to be defined between Kerberos accounts and mongodb users.

      The idea here being that the mongodb account names do not precisely match up with the kerberos account username and the kerberos account has the possibility to log in to any account out of the subset it is mapped to.

      The reason this feature would be useful is for limiting the permissions/privileges a user runs with that user being able to temporarily elevate privileges during emergencies. The key here is to have all of these actions be audited appropriately.

      Attachments

        Activity

          People

            backlog-server-security Backlog - Security Team
            osmar.olivo Osmar Olivo
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated: