[SERVER-24673] Separate LDAP server hostnames and protocol mechanism Created: 20/Jun/16 Updated: 14/Mar/17 Resolved: 25/Jul/16 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Internal Code, Security |
| Affects Version/s: | None |
| Fix Version/s: | 3.3.11 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Spencer Jackson | Assignee: | Spencer Jackson |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||
| Sprint: | Security 17 (07/15/16), Security (08/08/16) | ||||||||||||||||
| Participants: | |||||||||||||||||
| Description |
|
We should separate the LDAP server hostname from the protocol mechanism. This will allow us to handle connection timeout on Windows, which will happen easily when we do this. On Linux when a connection times out, the MongoDB process will automatically connect to fallback LDAP servers specified with the ldapServers argument. Windows does not currently fallback to subsequent servers. After this patch it will. This will also prevent connection timeouts from falling back onto a connection with a different security protocol. |
| Comments |
| Comment by Githook User [ 25/Jul/16 ] |
|
Author: {u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}Message: |