[SERVER-23503] Expand localhost exception to include role creation Created: 04/Apr/16  Updated: 05/Dec/16  Resolved: 22/Apr/16

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 3.3.3
Fix Version/s: 3.3.5

Type: Improvement Priority: Major - P3
Reporter: Andreas Nilsson Assignee: Spencer Jackson
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Documented
is documented by DOCS-9505 Docs for SERVER-23503: Expand localho... Closed
Backwards Compatibility: Fully Compatible
Sprint: Security 12 (04/01/16), Security 13 (04/22/16)
Participants:

 Description   

In order to support bootstrapping a system with LDAP authorization turned on we need to expand the localhost exception to include role creation for the initial role mapping.

Once the first role has been created the localhost exception will be disabled (as is the case when creating the first user). In pseudo code:

exceptionEnabled = (LDAP Authz On && no roles in $external) || an admin user exists



 Comments   
Comment by Githook User [ 22/Apr/16 ]

Author:

{u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: SERVER-23503 Expand localhost exception to include role creation
Branch: master
https://github.com/mongodb/mongo/commit/3e6a04652806e752c0c004fa72bc95025c3a9d54

Generated at Thu Feb 08 04:03:34 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.