[SERVER-4319] MongoDB Authentication related queries/issues Created: 18/Nov/11  Updated: 15/Aug/12  Resolved: 10/Aug/12

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 1.9.0
Fix Version/s: None

Type: Question Priority: Major - P3
Reporter: Saurabh Dave Assignee: Mark porter
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Windows/Linux/Freebsd


Issue Links:
Depends
depends on SERVER-524 Encryption of wire protocol with SSL Closed
depends on SERVER-3198 Ability to restrict operations by role Closed
depends on SERVER-6407 Authenticate users via LDAP proxy Closed
depends on SERVER-3591 Kerberos Support Closed
depends on SERVER-6746 Authentication should only occur over... Closed
Participants:

 Description   

1. Password hash values should be stored using a random salt and hashed using a strong hash such as SHA256.
2. Hash values should not be sent over the network, even as part of a digest.
3. Authentication requests should be protected against replay .
4. Credentials storage should be protected against access from all users except DBA's. This includes the actual database files that
store the encrypted credentials.
5. Ensure integrity of replicated data using either PKI or HMAC technology.
6. Authentication should occur only over secure channels. Support for SSL/TLS communication should be added for authentication. This
should include client certificate authentication for the purpose of mutually authenticating replication partners. Even with anti-
replay nonce values and encrypted "keys" clear text authentication will be vulnerable to man-in-the middle attacks.
7. Provisions for more granular levels of authorization should be added to include provisions for groups and roles for database
users.



 Comments   
Comment by Mark porter [ 10/Aug/12 ]

Ticket is duplicate of several others and has been linked accordingly.

Comment by Mark porter [ 09/Aug/12 ]

@Andy

SERVER-6746 has been logged as discussed and assigned to you, hope that's ok.

I'll mark this ticket as duplicate once I get the OK from Dan.

Comment by Mark porter [ 07/Aug/12 ]

Hi Saurabh,

1. The plan is not to continue to with a local authentication schema, therefore, this makes this request redundant.

2. This is standard best-practice request and I believe that SERVER-3591 probably takes care of it. Additionally, SERVER-6407 covers ldap authentication and this will obviously include secure ldap (port 636).

3. Seems to be a generic request and best request. Have the Security team validated this? I will include this in SERVER-3591 and SERVER-6407 as a requirement.

4. Credentials storage should be protected against access from all users except DBA's. This includes the actual database files that
store the encrypted credentials. => generic statement, covered by SERVER-3591 I suspect

5. I believe that the implementation of SERVER-524 will take care of this.

6. SERVER-6746 has been logged for this request. Elements of SERVER-524 will overlap.

7. SERVER-3198 covers this.

I am marking this ticket as a duplicate and linking to the afore-mentioned tickets as appropriate.

Mark

Comment by Eliot Horowitz (Inactive) [ 20/Nov/11 ]

Some of these things have proper tickets already.

SSL for example SERVER-524

Generated at Thu Feb 08 03:05:38 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.