[COMPASS-5905] Remove password field from Kerberos Created: 20/Jun/22 Updated: 29/Oct/23 Resolved: 13/Jul/22 |
|
| Status: | Closed |
| Project: | Compass |
| Component/s: | Connectivity |
| Affects Version/s: | None |
| Fix Version/s: | 1.32.4 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Maurizio Casimirri | Assignee: | Anna Henningsen |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Story Points: | 1 | ||||||||
| Documentation Changes: | Not Needed | ||||||||
| Sprint: | Iteration Eel, Iteration Fish | ||||||||
| Description |
|
Remove password field from Kerberos by default and hide behind the feature flag: process.env.COMPASS_ENABLE_KERBEROS_PASSWORD_FIELD For context, this field should be only rarely necessary as a last resort in environments where the Kerberos auth is not working as intended. But causes issues with a working setup: customers reported that users try to fill the field and potentially expose their system password through connection string and screencasts. |
| Comments |
| Comment by Githook User [ 30/Aug/22 ] |
|
Author: {'name': 'Anna Henningsen', 'email': 'anna.henningsen@mongodb.com', 'username': 'addaleax'}Message: chore(connection-form): hide kerberos password field |
| Comment by Githook User [ 18/Jul/22 ] |
|
Author: {'name': 'Anna Henningsen', 'email': 'anna.henningsen@mongodb.com', 'username': 'addaleax'}Message: chore(connection-form): hide kerberos password field |
| Comment by Githook User [ 14/Jul/22 ] |
|
Author: {'name': 'Anna Henningsen', 'email': 'anna.henningsen@mongodb.com', 'username': 'addaleax'}Message: chore(connection-form): hide kerberos password field |
| Comment by Githook User [ 14/Jul/22 ] |
|
Author: {'name': 'Anna Henningsen', 'email': 'anna.henningsen@mongodb.com', 'username': 'addaleax'}Message: chore(connection-form): hide kerberos password field |
| Comment by Githook User [ 13/Jul/22 ] |
|
Author: {'name': 'Anna Henningsen', 'email': 'anna.henningsen@mongodb.com', 'username': 'addaleax'}Message: chore(connection-form): hide kerberos password field |
| Comment by Githook User [ 13/Jul/22 ] |
|
Author: {'name': 'Anna Henningsen', 'email': 'anna.henningsen@mongodb.com', 'username': 'addaleax'}Message: chore(connection-form): hide kerberos password field |
| Comment by Githook User [ 13/Jul/22 ] |
|
Author: {'name': 'Anna Henningsen', 'email': 'anna.henningsen@mongodb.com', 'username': 'addaleax'}Message: chore(connection-form): hide kerberos password field |
| Comment by Githook User [ 13/Jul/22 ] |
|
Author: {'name': 'Anna Henningsen', 'email': 'anna.henningsen@mongodb.com', 'username': 'addaleax'}Message: chore(connection-form): hide kerberos password field |
| Comment by Githook User [ 13/Jul/22 ] |
|
Author: {'name': 'Anna Henningsen', 'email': 'anna.henningsen@mongodb.com', 'username': 'addaleax'}Message: chore(connection-form): hide kerberos password field |
| Comment by Githook User [ 13/Jul/22 ] |
|
Author: {'name': 'Anna Henningsen', 'email': 'anna@addaleax.net', 'username': 'addaleax'}Message: chore(connection-form): hide kerberos password field See the ticket for motivation. |
| Comment by Githook User [ 13/Jul/22 ] |
|
Author: {'name': 'Anna Henningsen', 'email': 'anna@addaleax.net', 'username': 'addaleax'}Message: chore(connection-form): hide kerberos password field See the ticket for motivation. |
| Comment by Githook User [ 13/Jul/22 ] |
|
Author: {'name': 'Anna Henningsen', 'email': 'anna@addaleax.net', 'username': 'addaleax'}Message: chore(connection-form): hide kerberos password field See the ticket for motivation. |