[SERVER-41069] Ability to disable authorization via x509 extensions Created: 09/May/19 Updated: 29/Oct/23 Resolved: 11/Jun/19 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | 3.4.22, 3.6.14, 4.0.11, 4.2.0-rc3, 4.3.1 |
| Type: | New Feature | Priority: | Major - P3 |
| Reporter: | Cory Mintz | Assignee: | Jonathan Reams |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||||||
| Backport Requested: |
v4.2, v4.0, v3.6, v3.4
|
||||||||||||||||||||
| Sprint: | Security 2019-06-17 | ||||||||||||||||||||
| Participants: | |||||||||||||||||||||
| Description |
|
The MONGODB-X509 auth mechanism has support for specifying user authorizations via a x509 extension in the client certificate. When managing a database where I want to control the user authorizations, but I want the user to be able to issue their own client certificates, it is desirable to be able to disable this feature. |
| Comments |
| Comment by Githook User [ 10/Jul/19 ] |
|
Author: {'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}Message: (cherry picked from commit 85ec26ff72f4029c52c40fab796ad53533828e60) |
| Comment by Githook User [ 10/Jul/19 ] |
|
Author: {'name': 'Jonathan Reams', 'username': 'jbreams', 'email': 'jbreams@mongodb.com'}Message: (cherry picked from commit 85ec26ff72f4029c52c40fab796ad53533828e60) |
| Comment by Githook User [ 10/Jul/19 ] |
|
Author: {'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}Message: (cherry picked from commit 85ec26ff72f4029c52c40fab796ad53533828e60) |
| Comment by Githook User [ 08/Jul/19 ] |
|
Author: {'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}Message: (cherry picked from commit 85ec26ff72f4029c52c40fab796ad53533828e60) |
| Comment by Githook User [ 11/Jun/19 ] |
|
Author: {'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}Message: |
| Comment by Sara Williamson [ 13/May/19 ] |
|
cory.mintz what is the timeline on this? |