[SERVER-24014] Cannot log in with native LDAP authentication, LDAP authorization, and ldapUserToDNMapping - MongoDB

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: 3.3.5
Fix Version/s: 3.3.6
Component/s: None
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Epic Link:
XAuth
Sprint:
Security 14 (05/13/16)

Description

Both LDAP authentication and LDAP authorization perform userToDN mappings. The mapping performed by authentication is persisted and the resulting DN is used as the username during authorization. This is incorrect, because this postprocessed username might not match any rule in the ldapUserToDNMapping.

Attachments

Activity

People

Assignee:: Spencer Jackson

Reporter:: Spencer Jackson

Participants:: Githook User, Spencer Jackson

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: May 02 2016 09:53:37 PM UTC

Updated:: May 16 2016 07:50:16 PM UTC

Resolved:: May 03 2016 03:50:26 PM UTC