[SERVER-8591] Revoke privileges for connections authenticated as deleted users Created: 15/Feb/13  Updated: 08/Mar/13  Resolved: 26/Feb/13

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 2.4.0-rc0
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Mark porter Assignee: Unassigned
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

MongoDB 2.4.0-rc0


Issue Links:
Duplicate
duplicates SERVER-6620 Auth credentials should be invalidate... Closed
Related
Participants:

 Description   

At present, MongoDB does not revoke privileges for connections authenticated as deleted users.

There should be some form of "revocation and expiration of connection privileges" for a connected user if that same is deleted whilst currently logged in.


Generated at Thu Feb 08 03:17:51 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.