[SERVER-52863] Instantiate AuthenticationSession during SASL mechanism negotiation Created: 13/Nov/20  Updated: 29/Oct/23  Resolved: 10/Feb/21

Status: Closed
Project: Core Server
Component/s: Internal Code
Affects Version/s: None
Fix Version/s: 4.9.0

Type: Improvement Priority: Major - P3
Reporter: Spencer Jackson Assignee: Benjamin Caimano (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
is depended on by SERVER-52862 Move logAuthentication hooks to Authe... Closed
Backwards Compatibility: Fully Compatible
Sprint: Security 2021-01-25, Security 2021-02-08, Security 2021-02-22
Participants:

 Description   

The AuthenticationSession should be created and begin its lifecycle during the first step of the authentication exchange. This can, but does not strictly have to, be during SASL mechanism negotiation.

The Session should store a UserHandle for the user object it obtains during this step. This will hold the User in the user cache for the life of the authentication attempt. This object should be reused for steps in the authentication process. We will need to create some glue to ensure that the User is valid before it is used, and authentication aborts if it is not.



 Comments   
Comment by Githook User [ 09/Feb/21 ]

Author:

{'name': 'Ben Caimano', 'email': 'ben.caimano@10gen.com'}

Message: SERVER-52863 Instantiate AuthenticationSession during SASL mechanism negotiation
Branch: master
https://github.com/mongodb/mongo/commit/5b83d4cc18cc0e322912f86c7fba6c14355986e7

Generated at Thu Feb 08 05:29:13 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.