Details
-
Question
-
Status: Closed
-
Minor - P4
-
Resolution: Duplicate
-
2.6.3
-
None
-
None
Description
http://localhost:28017 access is possible without username/password when security is enabled (user exists in db). Shell access and host:28017 is not possible without user name password when security is enabled and user exists. Is this expected behavior ?
Attachments
Issue Links
- duplicates
-
SERVER-17379 HTTP interface's localhost exception check is too permissive
-
- Closed
-