<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 03:03:28 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-3591] Kerberos Support</title>
                <link>https://jira.mongodb.org/browse/SERVER-3591</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;Some banking background firms require that the data servers should be kerberos protected. Thus it will be nice if mongodb use kerberos authentication and communication between s/c is protected by kerberos session keys. Work is required on both server and driver sides.&lt;/p&gt;</description>
                <environment></environment>
        <key id="20946">SERVER-3591</key>
            <summary>Kerberos Support</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="3">Duplicate</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="leo li">leo li</reporter>
                        <labels>
                            <label>Suggestions</label>
                            <label>security</label>
                    </labels>
                <created>Sat, 13 Aug 2011 01:46:12 +0000</created>
                <updated>Fri, 8 Mar 2013 15:55:42 +0000</updated>
                            <resolved>Thu, 21 Feb 2013 18:15:27 +0000</resolved>
                                                                    <component>Security</component>
                                        <votes>9</votes>
                                    <watches>17</watches>
                                                                                                                <comments>
                            <comment id="272298" author="schwerin" created="Thu, 21 Feb 2013 18:15:27 +0000"  >&lt;p&gt;The authentication component is resolved by &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-7115&quot; title=&quot;Modular Authentication support&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-7115&quot;&gt;&lt;del&gt;SERVER-7115&lt;/del&gt;&lt;/a&gt; in 2.3.2 and the 2.4 release candidates.  Channel integrity and privacy should be achieved via SSL/TLS, as mongo does not and probably will not support those services via Kerberos.&lt;/p&gt;</comment>
                            <comment id="272232" author="jblackburn" created="Thu, 21 Feb 2013 17:08:25 +0000"  >&lt;p&gt;It looks like this might be available in 2.4 rather than 2.5 looking at the release notes:&lt;br/&gt;
&lt;a href=&quot;http://docs.mongodb.org/manual/release-notes/2.4/#new-modular-authentication-system-with-support-for-kerberos&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://docs.mongodb.org/manual/release-notes/2.4/#new-modular-authentication-system-with-support-for-kerberos&lt;/a&gt;&lt;br/&gt;
?&lt;/p&gt;</comment>
                            <comment id="178350" author="daqscott" created="Tue, 23 Oct 2012 20:18:21 +0000"  >&lt;p&gt;I just thought of another thing I hadn&apos;t already mentioned explicitly: backups and restores also need to be authorized. If any old user can take a backup copy of any database, then they can restore it where-ever they like. As well, any user shouldn&apos;t be able to restore other data in place of a protected data store facility. Perhaps this seems obvious with reflection, but I did want to make sure it doesn&apos;t get overlooked.&lt;/p&gt;</comment>
                            <comment id="141940" author="daqscott" created="Wed, 11 Jul 2012 16:35:16 +0000"  >&lt;p&gt;Thanks for scheduling this. I wanted to add that just authentication client/server communication is only half a job: ALL traffic should be authenticated. Server-server communication for replication and the like (config server, etc) should involve mutual authentication. Mongos will most likely need to perform ticket forwarding to complete the picture. Lastly, you probably want to implement this via GSSAPI which means that you can implement this once for all compliant security services. Known mechanisms include not only Kerberos, but also SSPI/NTLM for Windows, and DCE. Feel free to borrow heavily from the implementation in Postgresql (&lt;a href=&quot;http://www.postgresql.org/docs/9.1/static/auth-methods.html#GSSAPI-AUTH):&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://www.postgresql.org/docs/9.1/static/auth-methods.html#GSSAPI-AUTH):&lt;/a&gt; their license is far less restrictive than yours &lt;img class=&quot;emoticon&quot; src=&quot;https://jira.mongodb.org/images/icons/emoticons/tongue.png&quot; height=&quot;16&quot; width=&quot;16&quot; align=&quot;absmiddle&quot; alt=&quot;&quot; border=&quot;0&quot;/&gt; (&lt;a href=&quot;http://www.postgresql.org/about/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://www.postgresql.org/about/&lt;/a&gt;).&lt;/p&gt;</comment>
                            <comment id="51767" author="daqscott" created="Wed, 31 Aug 2011 16:16:45 +0000"  >&lt;p&gt;This would greatly aid enterprise adoption. Mongo&apos;s authentication and authorization functionality is primitive at best.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                            <outwardlinks description="depends on">
                                        <issuelink>
            <issuekey id="43935">SERVER-6406</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="51249">SERVER-7115</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="is depended on by">
                                        <issuelink>
            <issuekey id="25112">SERVER-4319</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="25114">SERVER-4321</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>5.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Wed, 31 Aug 2011 16:16:45 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        10 years, 51 weeks, 6 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[<s><a href='https://jira.mongodb.org/browse/SERVER-6406'>SERVER-6406</a></s>, <s><a href='https://jira.mongodb.org/browse/SERVER-7115'>SERVER-7115</a></s>]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>false</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>ian@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            10 years, 51 weeks, 6 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10000" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Old_Backport</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10000"><![CDATA[No]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>schwerin@mongodb.com</customfieldvalue>
            <customfieldvalue>jblackburn</customfieldvalue>
            <customfieldvalue>leo li</customfieldvalue>
            <customfieldvalue>daqscott</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrotu7:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hrib9j:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>20470</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|ht05tr:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>