Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-23503

Expand localhost exception to include role creation

XMLWordPrintableJSON

    • Type: Icon: Improvement Improvement
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 3.3.5
    • Affects Version/s: 3.3.3
    • Component/s: Security
    • None
    • Fully Compatible
    • Security 12 (04/01/16), Security 13 (04/22/16)
    • None
    • 0
    • None
    • None
    • None
    • None
    • None
    • None

      In order to support bootstrapping a system with LDAP authorization turned on we need to expand the localhost exception to include role creation for the initial role mapping.

      Once the first role has been created the localhost exception will be disabled (as is the case when creating the first user). In pseudo code:

      exceptionEnabled = (LDAP Authz On && no roles in $external) || an admin user exists

            Assignee:
            spencer.jackson@mongodb.com Spencer Jackson
            Reporter:
            andreas.nilsson Andreas Nilsson (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: