Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-4268

Authentication Should Support An 'Opportunistic Mode' For Easy Migration

    XMLWordPrintableJSON

Details

    • Fully Compatible

    Description

      The current authentication model appears to be "all or nothing".

      Requiring that all nodes be taken down and restarted all at once is unacceptable for production environments.

      Many systems support an 'opportunistic' security mode for migration purposes. (see postfix re: TLS)

      In this mode, the higher security method is used if it is available, but the less secure (backward compatible) mode will be used if the high security mode is unavailable.

      This 'opportunistic' setting can be used during migration. (each secondary upgraded, and finally the primary upgraded... no downtime)

      After all nodes support security, you can migrate to a 'required' mode to enforce that any new nodes that come up use the now necessary security methods.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              jkrauska Joel Krauska
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: