[SERVER-37193] Implement connection pooling for the LDAP servers Created: 18/Sep/18  Updated: 06/Dec/22  Resolved: 24/Jan/19

Status: Closed
Project: Core Server
Component/s: Networking
Affects Version/s: None
Fix Version/s: None

Type: New Feature Priority: Major - P3
Reporter: Andrey Brindeyev Assignee: Backlog - Security Team
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
related to SERVER-34260 Ability to reuse a single TCP connect... Closed
Assigned Teams:
Server Security

 Description   

When configured with external LDAP authentication & authorization, mongod typically performs three LDAP queries using separate TCP connections:

  1. userToDNMapping processing
  2. to check the provided password
  3. groups retrieval

The proposed solution is to maintain a connection pool to the external LDAP server and reuse those connections to authenticate the MongoDB clients.

The authentication state of a connection needs to be set back to unauthenticated (using an anonymous bind) before the connection is returned to the pool.
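
The pooling rule proposed above, as an added example that is not part of the original ticket and is not MongoDB's code: a connection is re-bound anonymously on release and is closed instead of pooled if that reset fails, so a pooled connection never carries a previous user's bind. `FakeLDAPConnection`, `LDAPConnectionPool` and `check_password` are hypothetical names, and the connection is an in-memory stand-in for a real LDAP client.

```python
from collections import deque

class FakeLDAPConnection:
    """Stand-in for one TCP connection to an LDAP server (hypothetical, no network)."""
    def __init__(self, directory, fail_reset=False):
        self.directory = directory    # {dn: password}, constructed sample data
        self.fail_reset = fail_reset  # simulate a link that dies during the reset bind
        self.bound_dn = None          # None means the session is anonymous
        self.open = True

    def simple_bind(self, dn=None, password=None):
        if dn is None:                # anonymous bind
            if self.fail_reset:
                raise ConnectionError("anonymous bind failed")
            self.bound_dn = None
            return True
        # Empty or missing passwords never authenticate a named DN.
        ok = bool(password) and self.directory.get(dn) == password
        self.bound_dn = dn if ok else None
        return ok

class LDAPConnectionPool:
    def __init__(self, factory, max_idle=4):
        self.factory, self.max_idle = factory, max_idle
        self.idle = deque()
        self.created = 0              # number of new connections opened

    def acquire(self):
        if self.idle:
            return self.idle.popleft()
        self.created += 1
        return self.factory()

    def release(self, conn):
        """Reset to anonymous before pooling; close the connection if that fails."""
        try:
            conn.simple_bind()
        except ConnectionError:
            conn.open = False
            return
        if conn.bound_dn is None and len(self.idle) < self.max_idle:
            self.idle.append(conn)
        else:
            conn.open = False

def check_password(pool, dn, password):
    """Step 2 of the ticket's list: verify a password by binding as the user."""
    conn = pool.acquire()
    try:
        return conn.simple_bind(dn, password)
    finally:
        pool.release(conn)
```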



 Comments   
Comment by Jonathan Reams [ 24/Jan/19 ]

In SERVER-34260 we started using a connection pool to manage LDAP connections - it will be on by default in 4.2.
