Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-23503

Expand localhost exception to include role creation

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Done
    • Icon: Major - P3 Major - P3
    • 3.3.5
    • 3.3.3
    • Security
    • None
    • Fully Compatible
    • Security 12 (04/01/16), Security 13 (04/22/16)

    Description

      In order to support bootstrapping a system with LDAP authorization turned on we need to expand the localhost exception to include role creation for the initial role mapping.

      Once the first role has been created the localhost exception will be disabled (as is the case when creating the first user). In pseudo code:

      exceptionEnabled = (LDAP Authz On && no roles in $external) || an admin user exists
      

      Attachments

        Activity

          People

            spencer.jackson@mongodb.com Spencer Jackson
            andreas.nilsson Andreas Nilsson
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: