Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-17686

Access to http interface when authentication is enabled

    XMLWordPrintable

    Details

    • Type: Question
    • Status: Closed
    • Priority: Minor - P4
    • Resolution: Duplicate
    • Affects Version/s: 2.6.3
    • Fix Version/s: None
    • Component/s: HTTP Console, Security
    • Labels:
      None

      Description

      http://localhost:28017 access is possible without username/password when security is enabled (user exists in db). Shell access and host:28017 is not possible without user name password when security is enabled and user exists. Is this expected behavior ?

        Attachments

          Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. SERVER-17379 HTTP interface's localhost exception check is too permissive

          • Major - P3 - Major loss of function.
          • Closed

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              ananth12 ananth
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: