[SERVER-17527] Add startupWarning if server started with --rest or --httpinterface and access control is enabled Created: 10/Mar/15  Updated: 26/Jan/16  Resolved: 08/Sep/15

Status: Closed
Project: Core Server
Component/s: Security, Usability
Affects Version/s: None
Fix Version/s: 3.1.8

Type: Task Priority: Major - P3
Reporter: Spencer Brody (Inactive) Assignee: Robert Guo (Inactive)
Resolution: Done Votes: 3
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
related to SERVER-17390 HTTP Interface does not work with SCR... Closed
related to SERVER-21348 'compatability' typo in web-server st... Closed
is related to SERVER-17512 Unable to authenticate with web conso... Closed
Backwards Compatibility: Fully Compatible
Sprint: Security 9 (09/18/15)
Participants:

 Description   

The http interface doesn't work with SCRAM-SHA-1 user documents and is generally considered insecure. In our documentation we advise any users concerned with the security of their deployment to disable the http interface. We should add a startWarning so users will see in their logs and in MMS if they are running with this type of configuration.



 Comments   
Comment by Githook User [ 26/Jan/16 ]

Author:

{u'username': u'guoyr', u'name': u'Robert Guo', u'email': u'robert.guo@10gen.com'}

Message: Revert "SERVER-17527 add startup warning when server is started with web interface and auth"

This reverts commit a01f882735e7655cfb1572ec8c6710f296caf4be.
Branch: v3.0
https://github.com/mongodb/mongo/commit/a2ad8f927f850ca727df7992c4ca57f680daf28d

Comment by Githook User [ 26/Jan/16 ]

Author:

{u'username': u'guoyr', u'name': u'Robert Guo', u'email': u'robert.guo@10gen.com'}

Message: SERVER-17527 add startup warning when server is started with web interface and auth

(cherry picked from commit 7a615393f4ce1fee83767ab161cdbc6a6ed1fdef)
Branch: v3.0
https://github.com/mongodb/mongo/commit/a01f882735e7655cfb1572ec8c6710f296caf4be

Comment by Githook User [ 08/Sep/15 ]

Author:

{u'username': u'guoyr', u'name': u'Robert Guo', u'email': u'robert.guo@10gen.com'}

Message: SERVER-17527 add startup warning when server is started with web interface and auth
Branch: master
https://github.com/mongodb/mongo/commit/7a615393f4ce1fee83767ab161cdbc6a6ed1fdef

Generated at Thu Feb 08 03:44:47 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.