[SERVER-20387] Broken kerberos implementation in mongodump & mongorestore Created: 27/Aug/15 Updated: 10/Sep/18 Resolved: 10/Sep/18 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security, Tools |
| Affects Version/s: | 2.6.10 |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Luke Prochazka | Assignee: | DO NOT USE - Backlog - Platform Team |
| Resolution: | Done | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Windows |
||
| Issue Links: |
|
||||||||||||||||
| Operating System: | Windows | ||||||||||||||||
| Participants: | |||||||||||||||||
| Description |
|
The mongodump & mongorestore tools do not completely support kerberos auth. For example, when running with the following syntax which omits the password field:
This fails with the following error:
If the same command is run with the -p password parameter, the tools auths successfully. This indicates that the underlying kerberos configuration is functional, but the tools is unable to leverage the existing kerberos ticket for auth purposes. |
| Comments |
| Comment by Sara Williamson [ 10/Sep/18 ] |
|
The tools described in this ticket no longer exist and have been replaced by a new implementation. |
| Comment by Gabriel Russell (Inactive) [ 10/Sep/15 ] |
|
Which version of mongodump is this? |