Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-8597

Authenticating as a user that has a non-existent role prevents acquiring any privileges, even if that user has other valid roles

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 2.4.0-rc1
    • Affects Version/s: None
    • Component/s: Security
    • Labels:
      None
    • Fully Compatible
    • ALL

      You should still be able to authenticate to a user with an invalid role (could be important for future upgrade paths to a version with more, or user-defined, roles). We should just skip the invalid role and continue acquiring privileges for any other valid roles in that user's privilege document.

            Assignee:
            spencer@mongodb.com Spencer Brody (Inactive)
            Reporter:
            spencer@mongodb.com Spencer Brody (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: