[SERVER-4320] MongoDB Session Management related queries/question Created: 18/Nov/11 Updated: 15/Feb/13 Resolved: 10/Oct/12 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | 1.9.0 |
| Fix Version/s: | None |
| Type: | Question | Priority: | Major - P3 |
| Reporter: | Saurabh Dave | Assignee: | Mark porter |
| Resolution: | Duplicate | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Windows/Linux/Freebsd |
||
| Issue Links: |
|
||||||||
| Participants: | |||||||||
| Description |
|
All requests from the client should be authenticated, even after the initial establishment of a connection. Simply authenticating the initial request followed by using the source IP/port to extend trust to subsequent requests is not a sufficient basis for trust. |
| Comments |
| Comment by Mark porter [ 10/Oct/12 ] |
|
Closing as a duplicate and linking to Attempted to contact the requestor several times for feedback but none forthcoming. Mark |
| Comment by Eliot Horowitz (Inactive) [ 20/Nov/11 ] |
|
Do have examples of systems that do this? |