Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-25709

Allow failed LDAP binding to fallback onto native LDAP authentication user

    XMLWordPrintableJSON

Details

    • Icon: Task Task
    • Resolution: Unresolved
    • Icon: Major - P3 Major - P3
    • None
    • None
    • Internal Code, Security
    • None
    • Server Security

    Description

      If no LDAP bind user has been specified, we currently attempt to perform LDAP authorization queries without binding as a user. Many LDAP servers will disallow anonymous binds. We may want to reattempt queries which fail for this reason, binding with the same user and password as the authentication user, which will likely be authorized to perform queries for its own groups.

      Attachments

        Activity

          People

            backlog-server-security Backlog - Security Team
            spencer.jackson@mongodb.com Spencer Jackson
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: