[SERVER-4268] Authentication Should Support An 'Opportunistic Mode' For Easy Migration - MongoDB Jira

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Closed
Priority: Major - P3
Resolution: Duplicate
Affects Version/s: 2.0.1
Fix Version/s: None
Component/s: Security
Labels:
Environment:
All

Backwards Compatibility:
Fully Compatible

Description

The current authentication model appears to be "all or nothing".

Requiring that all nodes be taken down and restarted all at once is unacceptable for production environments.

Many systems support an 'opportunistic' security mode for migration purposes. (see postfix re: TLS)

In this mode, the higher security method is used if it is available, but the less secure (backward compatible) mode will be used if the high security mode is unavailable.

This 'opportunistic' setting can be used during migration. (each secondary upgraded, and finally the primary upgraded... no downtime)

After all nodes support security, you can migrate to a 'required' mode to enforce that any new nodes that come up use the now necessary security methods.

Attachments

Issue Links

duplicates

SERVER-6823 Enable Access control without downtime

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Joel Krauska

Participants:: Joel Krauska

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: Nov 13 2011 01:07:21 AM UTC

Updated:: Mar 08 2013 03:55:31 PM UTC

Resolved:: Feb 26 2013 06:30:27 PM UTC