[COMPASS-851] Investigate Kerberos Authentication if the username contains @ Created: 06/Mar/17 Updated: 05/Nov/18 Resolved: 05/Nov/18 |
|
| Status: | Closed |
| Project: | Compass |
| Component/s: | Connectivity |
| Affects Version/s: | 1.8.0-dev, 1.15.4 |
| Fix Version/s: | 1.16.0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Peter Schmidt | Assignee: | Durran Jordan |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Attachments: |
|
||||||||||||
| Issue Links: |
|
||||||||||||
| Story Points: | 2 | ||||||||||||
| Sprint: | Iteration Guacamole, Iteration Qbert | ||||||||||||
| Description |
|
From COMPASS-745, it looks like Kerberos and X.509 are also likely to double-encode their auth-component in the same way LDAP does. This ticket should: 1. Confirm if this is true, e.g. with https://docs.mongodb.com/v3.2/tutorial/control-access-to-mongodb-with-kerberos-authentication/ 2. If so, add a regression test in connection-model. |
| Comments |
| Comment by Peter Schmidt [ 04/May/17 ] |
|
%2540 being the URL-encoding of %40 which itself is the URL-encoding of @ (to make the term "double-encoding" more explicit) is probably wrong considering the following source: |
| Comment by Peter Schmidt [ 03/May/17 ] |
|
May be able to use MongoSecurityPlaypen from HELP-4201. |
| Comment by Peter Schmidt [ 24/Apr/17 ] |
|
Node driver example: |
| Comment by Peter Schmidt [ 10/Mar/17 ] |
|
While in the area, would also be good to test: |