Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-24821

Use authentication identity in LDAP backed PLAIN SASL mechanism

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 3.3.10
    • Affects Version/s: None
    • Component/s: Internal Code, Security
    • None
    • Fully Compatible
    • ALL
    • Security 17 (07/15/16)

      The native LDAP PLAIN SASL mechanism currently parses the authorization identity as the identity to use for the SASL session. We should use the authentication session instead, which is not an optional field. Some SASL stacks seem to leave the authorization field blank.

            Assignee:
            spencer.jackson@mongodb.com Spencer Jackson
            Reporter:
            spencer.jackson@mongodb.com Spencer Jackson
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: