Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-4268

Authentication Should Support An 'Opportunistic Mode' For Easy Migration

    XMLWordPrintable

    Details

    • Backwards Compatibility:
      Fully Compatible

      Description

      The current authentication model appears to be "all or nothing".

      Requiring that all nodes be taken down and restarted all at once is unacceptable for production environments.

      Many systems support an 'opportunistic' security mode for migration purposes. (see postfix re: TLS)

      In this mode, the higher security method is used if it is available, but the less secure (backward compatible) mode will be used if the high security mode is unavailable.

      This 'opportunistic' setting can be used during migration. (each secondary upgraded, and finally the primary upgraded... no downtime)

      After all nodes support security, you can migrate to a 'required' mode to enforce that any new nodes that come up use the now necessary security methods.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              jkrauska Joel Krauska
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: