[SERVER-39128] Avoid double-authentication during connect from mongo shell Created: 22/Jan/19 Updated: 29/Oct/23 Resolved: 26/Jan/19 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 4.0.7, 4.1.8 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Sara Golemon | Assignee: | Sara Golemon |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||
| Backport Requested: |
v4.0
|
||||||||
| Sprint: | Security 2019-01-28 | ||||||||
| Participants: | |||||||||
| Linked BF Score: | 5 | ||||||||
| Description |
|
When launching the shell with a username/password specified, either by way of a mongodb:// uri or by pass - The first is the result of a call to MongoURI::connect() which contains a call to DBClientBase::auth(). This results in multiple round-trips for the extra auth and in the case of Enterprise users, multiple "authenticate" entries in the audit log. |
| Comments |
| Comment by Githook User [ 06/Feb/19 ] |
|
Author: {'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}Message: (cherry picked from commit 82e05d6c201fa59223aa40340a5d4ad84b32ac65) |
| Comment by Githook User [ 30/Jan/19 ] |
|
Author: {'username': 'sgolemon', 'email': 'sara.golemon@mongodb.com', 'name': 'Sara Golemon'}Message: |
| Comment by Githook User [ 26/Jan/19 ] |
|
Author: {'username': 'sgolemon', 'email': 'sara.golemon@mongodb.com', 'name': 'Sara Golemon'}Message: |
| Comment by Githook User [ 26/Jan/19 ] |
|
Author: {'username': 'sgolemon', 'email': 'sara.golemon@mongodb.com', 'name': 'Sara Golemon'}Message: |