[SERVER-25710] mongoldap should warn on weak LDAP bind mechansisms are used without TLS Created: 19/Aug/16  Updated: 27/Jun/22  Resolved: 10/Jul/17

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: 3.5.10

Type: New Feature Priority: Major - P3
Reporter: Ben Shteinfeld Assignee: Ben Shteinfeld
Resolution: Done Votes: 0
Labels: neweng, platforms-interns-2017
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Sprint: Platforms 2017-06-19, Platforms 2017-07-10
Participants:

 Description   

The mongoldap verification tool should print a warning when a weak LDAP bind mechanism is used without TLS. For example, neither the simple bind mechanism or the PLAIN SASL mechanism should be used without TLS.



 Comments   
Comment by Githook User [ 07/Jul/17 ]

Author:

{u'username': u'bshteinfeld', u'name': u'Ben Shteinfeld', u'email': u'ben.shteinfeld@mongodb.com'}

Message: SERVER-25710 mongoldap warns on insecure bind mechanisms
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/3d22ff9f6ccbe4bca62b1a0e94a365ea71458de8

Generated at Thu Feb 08 04:09:58 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.