Details
-
Question
-
Resolution: Duplicate
-
Major - P3
-
None
-
1.9.0
-
None
-
Windows/Linux/Freebsd
Description
All requests from the client should be authenticated, even after the initial establishment of a connection. Simply authenticating the initial request followed by using the source IP/port to extend trust to subsequent requests is not a sufficient basis for trust.
Attachments
Issue Links
- duplicates
-
SERVER-6746 Authentication should only occur over secure channels
-
- Closed
-