[JAVA-1077] Offer option to canonicalize server name used for GSSAPI authentication Created: 14/Jan/14  Updated: 03/Jan/18  Resolved: 24/Jan/14

Status: Closed
Project: Java Driver
Component/s: Authentication
Affects Version/s: None
Fix Version/s: 2.12.0, 3.0.0

Type: New Feature Priority: Major - P3
Reporter: Jeffrey Yemin Assignee: Jeffrey Yemin
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Case:

 Description   

Section 4.1 of http://www.ietf.org/rfc/rfc2743.txt says:

The "hostname" may ... be canonicalized by attempting a DNS lookup and using the fully-qualified domain name which is returned...

Oracle's GSSAPI implementation is not canonicalizing (note that it's optional). Given that, the driver should be able to do the canonicalization on behalf of the application, as authentication can fail if the application provides the driver with a DNS alias to a mongos server.

In scope of this ticket, we need to determine whether the canonicalization should always be done, or whether it should be opt-in.



 Comments   
Comment by Githook User [ 24/Jan/14 ]

Author:

{u'username': u'jyemin', u'name': u'Jeff Yemin', u'email': u'jeff.yemin@10gen.com'}

Message: JAVA-1077: Assume command failure in case of missing or invalid 'ok' field in server response
Branch: 3.0.x
https://github.com/mongodb/mongo-java-driver/commit/c2eca216994d8250416599d4abe9fdef4a34b27c

Comment by Githook User [ 24/Jan/14 ]

Author:

{u'username': u'jyemin', u'name': u'Jeff Yemin', u'email': u'jeff.yemin@10gen.com'}

Message: JAVA-1077: Add a mechanism property to force host name canonicalization for GSSAPI authentication.
Branch: 3.0.x
https://github.com/mongodb/mongo-java-driver/commit/cc8db58dfa124b9fcb194631d3f2f2a7a0e7a231

Comment by Githook User [ 15/Jan/14 ]

Author:

{u'username': u'jyemin', u'name': u'Jeff Yemin', u'email': u'jeff.yemin@10gen.com'}

Message: JAVA-1077: Add a mechanism property to force host name canonicalization for GSSAPI authentication.
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/1e474ab8ec825d82aa4270aa2ca6c58d9e5b8996

Generated at Thu Feb 08 08:53:45 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.