[JAVA-3527] Ensure server proof has been validated during SCRAM conversation Created: 06/Dec/19  Updated: 28/Oct/23  Resolved: 06/Jan/20

Status: Closed
Project: Java Driver
Component/s: Authentication
Affects Version/s: None
Fix Version/s: 3.12.1

Type: Bug Priority: Major - P3
Reporter: Sara Golemon Assignee: John Stewart (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
Backwards Compatibility: Minor Change

 Description   

SCRAM authentication should not be considered complete until the client has validated server proof from the server's second message.



 Comments   
Comment by Githook User [ 15/Jan/20 ]

Author:

{'name': 'John Stewart', 'email': 'john.stewart@mongodb.com', 'username': 'jstewart-mongo'}

Message: Ensure server proof has been validated during SCRAM conversation

JAVA-3527
Branch: 3.12.x
https://github.com/mongodb/mongo-java-driver/commit/d256d1b3df8a40d9aaa108190ea67a1e13b261c1

Comment by Githook User [ 06/Jan/20 ]

Author:

{'name': 'John Stewart', 'email': 'john.stewart@mongodb.com', 'username': 'jstewart-mongo'}

Message: Ensure server proof has been validated during SCRAM conversation

JAVA-3527
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/3e6591cc9b8f26b94716a69982fceed9e43b6e7a

Comment by Jeffrey Yemin [ 27/Dec/19 ]

Scheduled for backport to 3.12 branch.

Generated at Thu Feb 08 08:59:49 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.