[SERVER-76043] Allow shell to construct native PLAIN SASL client mechanisms Created: 12/Apr/23  Updated: 29/Oct/23  Resolved: 17/Apr/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 7.1.0-rc0

Type: Task Priority: Major - P3
Reporter: Spencer Jackson Assignee: Spencer Jackson
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Problem/Incident
Backwards Compatibility: Fully Compatible
Sprint: Security 2023-04-17, Security 2023-05-01
Participants:
Linked BF Score: 34

 Description   

SASL mechanisms can be provided from our implementations, or from Cyrus SASL. Our Cyrus SASL client implementation inspects the name of the requested mechanism, to figure out whether it should handle the request, or whether it should be delegated to the native implementation.

While we have a native PLAIN implementation, the mechanism factory will only make Cyrus instances. This means that on Community, PLAIN is always a viable mechanism. But on Enterprise, PLAIN in only viable if the correct Cyrus SASL plugin is installed.

We should always use the native PLAIN implementation, so that we don't have this conditional dependency.



 Comments   
Comment by Githook User [ 17/Apr/23 ]

Author:

{'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}

Message: SERVER-76043 Allow enterprise shell to create native PLAIN SASL mech
Branch: master
https://github.com/mongodb/mongo/commit/681dec417b1d67a6df23d0c387b0d6089756aacf

Generated at Thu Feb 08 06:31:42 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.