Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-45309

Ensure bind credentials live longer than LDAP operations

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.2.3, 4.3.3, 4.0.15
    • Component/s: Security
    • Labels:
      None
    • Backwards Compatibility:
      Fully Compatible
    • Operating System:
      ALL
    • Backport Requested:
      v4.2, v4.0
    • Sprint:
      Security 2019-01-13, Security 2019-01-27
    • Case:

      Description

      LDAP bind credentials will be used during bind. They may additionally be used during queries, while chasing referrals. As such, these credentials objects must live longer than the complete operation, in both the pooled and non-pooled codepaths.

      When credentials are dynamically updated, via setParameter, they should be eventually propagated across all connections after the current operation completes.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                10 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: