[COMPASS-1629] Cross-realm Kerberos Support Created: 01/Aug/17  Updated: 31/Aug/18  Resolved: 31/Aug/18

Status: Closed
Project: Compass
Component/s: Connectivity
Affects Version/s: None
Fix Version/s: 1.16.0, 1.15.1

Type: Task Priority: Major - P3
Reporter: Lucas Hrabovsky (Inactive) Assignee: Durran Jordan
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on NODE-1370 Update algorithm for Kerberos hostnam... Closed
depends on NODE-619 Add cross realm authentication suppor... Closed
Epic Link: COMPASS-2286
Story Points: 3
Sprint: Iteration Guacamole, Iteration Halloumi, Iteration Icelandiccharr, Iteration JalapeƱo

 Description   

From CS-26551. After a bit of initial investigation, imagine this breaking out into 3 tasks:

  • COMPASS-1629: Spike: Research additional options needed to support cross-realm kerberos via the connect dialog
  • Add additional Kerberos options to connect dialog
  • Kerberos Cross-Realm testing backend setup

Compass RC1 - Internal Server Error With (Cross Realm) Kerberos @ Connect Time

Debug Console Shows:

POST http://localhost:29017/api/v1/token 500 (Internal Server Error)Request.end @ client.js:1016Model.extend.create @ token.js:69(anonymous function) @ token.js:119Item.run @ browser.js:64drainQueue @ browser.js:34_super.bugsnag @ bugsnag.js:149(anonymous function) @ bugsnag.js:624
bugsnag.js:239 [Bugsnag] Invalid API key 'undefined'
bugsnag.js:239 [Bugsnag] Invalid API key 'undefined'

Note in the java driver we would have to do something along the following, would this be something that node driver can expose to compass?

        MongoCredential gssAPICred = MongoCredential
                .createGSSAPICredential(KERBEROS + "@WINDOWSREALM.COM")
                .withMechanismProperty("REALM", "LINUXREALM.COM")
                .withMechanismProperty("CANONICALIZE_HOST_NAME", true);



 Comments   
Comment by Githook User [ 29/Aug/18 ]

Author:

{'name': 'Durran Jordan', 'email': 'durran@gmail.com', 'username': 'durran'}

Message: COMPASS-1629: Bump dependencies for Kerberos support
Branch: master
https://github.com/10gen/compass/commit/b179d0f6e0128792ef8341631ee6b4146dbb7914

Comment by Githook User [ 28/Aug/18 ]

Author:

{'name': 'Durran Jordan', 'email': 'durran@gmail.com', 'username': 'durran'}

Message: COMPASS-1629: Bump dependencies for Kerberos support
Branch: COMPASS-1629
https://github.com/10gen/compass/commit/7813400e56bc401a3884bab745d3bc0d14874f2a

Generated at Wed Feb 07 22:27:57 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.