Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-8325

Let administrator override sasl service name and host name used by server for GSSAPI authentication.

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Duplicate
    • Icon: Major - P3 Major - P3
    • None
    • None
    • Security
    • None
    • Minor Change

    Description

      The administrator of a system should be able to specify a service principal other than the one formed by combining "mongodb" and the FQDN of the host name running the mongo service, as returned by getHostNameCached(). Implementing this feature would facilitate running mongo clusters in environments where servers and clients may disagree about each others' FQDN.

      Mongod should start the following two setParameters at startup:

      *saslServiceName – reported name of the service for authentication purposes, defaults to mongodb
      *saslHostName – reported host name for authentication purposes, defaults to getHostNameCached().

      Then, either isMaster should return those parameters, or (better?) the getParameter command should enable even unauthenticated users to fetch those two parameter values.

      Attachments

        Activity

          People

            Unassigned Unassigned
            schwerin@mongodb.com Andy Schwerin
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: