Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-75825

Remove mechanism activation checks in SaslOIDCServerMechanism

    XMLWordPrintableJSON

Details

    • Icon: Task Task
    • Resolution: Unresolved
    • Icon: Major - P3 Major - P3
    • None
    • None
    • None
    • Server Security

    Description

      SaslOIDCServerMechanism checks whether the OIDC mechanism is activated before performing OIDC authentication steps, or before affirming that it is able to auth a user. These checks are unnecessary. The SASLMechanismRegistry will perform these checks before loading SaslOIDCServerMechanism's factory. Additional defense is unnecessary, and prevents us from easily invoking the Mechanism in a unittest.

      Attachments

        Activity

          People

            backlog-server-security Backlog - Security Team
            spencer.jackson@mongodb.com Spencer Jackson
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: