[SERVER-45309] Ensure bind credentials live longer than LDAP operations Created: 27/Dec/19 Updated: 29/Oct/23 Resolved: 15/Jan/20 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | 4.2.3, 4.3.3, 4.0.15 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Spencer Jackson | Assignee: | Sara Golemon |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||
| Operating System: | ALL | ||||||||||||||||
| Backport Requested: |
v4.2, v4.0
|
||||||||||||||||
| Sprint: | Security 2019-01-13, Security 2019-01-27 | ||||||||||||||||
| Participants: | |||||||||||||||||
| Case: | (copied to CRM) | ||||||||||||||||
| Description |
|
LDAP bind credentials will be used during bind. They may additionally be used during queries, while chasing referrals. As such, these credentials objects must live longer than the complete operation, in both the pooled and non-pooled codepaths. When credentials are dynamically updated, via setParameter, they should be eventually propagated across all connections after the current operation completes. |
| Comments |
| Comment by Githook User [ 16/Jan/20 ] |
|
Author: {'name': 'Sara Golemon', 'username': 'sgolemon', 'email': 'sara.golemon@mongodb.com'}Message: (cherry picked from commit b9d6cc35518d4845a8baf6d1902645ea9fd6ff50) |
| Comment by Githook User [ 16/Jan/20 ] |
|
Author: {'name': 'Sara Golemon', 'username': 'sgolemon', 'email': 'sara.golemon@mongodb.com'}Message: (cherry picked from commit b9d6cc35518d4845a8baf6d1902645ea9fd6ff50) |
| Comment by Githook User [ 15/Jan/20 ] |
|
Author: {'name': 'Sara Golemon', 'username': 'sgolemon', 'email': 'sara.golemon@mongodb.com'}Message: |