[SERVER-41152] A space in the authenticationMechanisms string should produce at least a warning message Created: 15/May/19 Updated: 29/Oct/23 Resolved: 20/Jun/19 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Logging, Security |
| Affects Version/s: | None |
| Fix Version/s: | 4.2.0-rc4, 4.0.12, 4.3.1 |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Emilio Scalise | Assignee: | Jason Piao (Inactive) |
| Resolution: | Fixed | Votes: | 1 |
| Labels: | neweng | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Backwards Compatibility: | Fully Compatible | ||||
| Backport Requested: |
v4.2, v4.0
|
||||
| Sprint: | Security 2019-06-03, Security 2019-06-17, Security 2019-07-01 | ||||
| Participants: | |||||
| Case: | (copied to CRM) | ||||
| Description |
|
The security.authenticationMechanisms parameter (as documented here) requires that "If you specify multiple values, use a comma-separated list and no spaces." If you put a space like for example:
SCRAM-SHA-256 will be enabled and GSSAPI not in a silent way. This can trick users and who needs to troubleshoot this. It would be nice to have a warning message that warns you that you have a space in the authenticationMechanisms parameter string and all the auth mechanisms specified may have not been enabled because of that. |
| Comments |
| Comment by Githook User [ 30/Jul/19 ] |
|
Author: {'name': 'Jason Piao', 'email': 'jason.piao@Jasons-MacBook-Pro.local'}Message: (cherry picked from commit c31362708f26397dd20818ab780a5180e257d5a7) |
| Comment by Githook User [ 23/Jul/19 ] |
|
Author: {'name': 'Jason Piao', 'email': 'jason.piao@Jasons-MacBook-Pro.local'}Message: (cherry picked from commit c31362708f26397dd20818ab780a5180e257d5a7) |
| Comment by Githook User [ 19/Jun/19 ] |
|
Author: {'name': 'Jason Piao', 'email': 'jason.piao@Jasons-MacBook-Pro.local'}Message: |