Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-39178

Negotiate SCRAM mechanism in MongoURI::connect()

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • None
    • 4.0.9, 4.1.9
    • None
    • None
    • Fully Compatible
    • v4.0
    • Security 2019-02-25, Security 2019-03-11, Security 2019-03-25

    Description

      MongoURI::connect() still assumes SCRAM-SHA-1 for URIs which don't have an authentication mechanism explicitly specified.

      Check isMaster.saslSupportedMechs before making assumptions.

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. SERVER-39404 SASL negotiation in shell 4.0.5 fails to authenticate SCRAM-SHA-256 user

          • Major - P3 - Major loss of function.
          • Closed
          is depended on by

          Bug - A problem which impairs or prevents the functions of the product. SERVER-39404 SASL negotiation in shell 4.0.5 fails to authenticate SCRAM-SHA-256 user

          • Major - P3 - Major loss of function.
          • Closed

          Activity

            People

              shreyas.kalyan@mongodb.com Shreyas Kalyan
              sara.golemon@mongodb.com Sara Golemon
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: