<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 05:19:07 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-49165] endSessions command in Client.Disconnect causes an authorization failure for an unauthed connection on a host that requires authentication</title>
                <link>https://jira.mongodb.org/browse/SERVER-49165</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;Given an unauthed connection to a host that requires authentication, these connections still need to be closed, but when&#160;&lt;tt&gt;client.disconnect&lt;/tt&gt;&#160;is called on those, disconnect runs the&#160;&lt;tt&gt;endSession&lt;/tt&gt;&#160; which results in an authorization failure. Although this failure is not logged explicitly, it can still show up in the audit logs. It seems this would require a change to the sessions specification (&lt;a href=&quot;https://github.com/mongodb/specifications/blob/master/source/sessions/driver-sessions.rst#endsession&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/specifications/blob/master/source/sessions/driver-sessions.rst#endsession&lt;/a&gt;).&lt;/p&gt;

&lt;p&gt;This issue arose in the monitoring module in the mongodb agent because it creates both the unauthed and authed client connections for all new hosts, independent of if the host requires authentication. These failures are showing up in the audit logs&#160;and can be concerning for customers from a security perspective.&#160;&lt;/p&gt;</description>
                <environment></environment>
        <key id="1359726">SERVER-49165</key>
            <summary>endSessions command in Client.Disconnect causes an authorization failure for an unauthed connection on a host that requires authentication</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="4" iconUrl="https://jira.mongodb.org/images/icons/priorities/minor.svg">Minor - P4</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="sara.golemon@mongodb.com">Sara Golemon</assignee>
                                    <reporter username="julia.ruddy@mongodb.com">Julia Ruddy</reporter>
                        <labels>
                    </labels>
                <created>Thu, 21 May 2020 17:15:00 +0000</created>
                <updated>Mon, 8 Jan 2024 15:23:02 +0000</updated>
                            <resolved>Tue, 25 Aug 2020 18:05:49 +0000</resolved>
                                                    <fixVersion>4.7.0</fixVersion>
                    <fixVersion>4.4.2</fixVersion>
                    <fixVersion>4.2.11</fixVersion>
                    <fixVersion>4.0.22</fixVersion>
                                                        <votes>0</votes>
                                    <watches>8</watches>
                                                                                                                <comments>
                            <comment id="3461155" author="xgen-internal-githook" created="Fri, 23 Oct 2020 14:26:59 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-49165&quot; title=&quot;endSessions command in Client.Disconnect causes an authorization failure for an unauthed connection on a host that requires authentication&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-49165&quot;&gt;&lt;del&gt;SERVER-49165&lt;/del&gt;&lt;/a&gt; Limit auditing authz failure in endSessions command&lt;/p&gt;

&lt;p&gt;(cherry picked from commit 680eb5a61bc123d021a75b5ec5a997409ec0d36d)&lt;br/&gt;
Branch: v4.0&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/9fde818493f545b6cacb5603ee0d1ab3a47d5a68&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/9fde818493f545b6cacb5603ee0d1ab3a47d5a68&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3461154" author="xgen-internal-githook" created="Fri, 23 Oct 2020 14:26:54 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-49165&quot; title=&quot;endSessions command in Client.Disconnect causes an authorization failure for an unauthed connection on a host that requires authentication&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-49165&quot;&gt;&lt;del&gt;SERVER-49165&lt;/del&gt;&lt;/a&gt; Test that no audit entry is produced for unauthed endSessions when not logged in&lt;/p&gt;

&lt;p&gt;(cherry picked from commit 48343d458c33553dc6e8b90d3a6221d8dee6a97f)&lt;br/&gt;
Branch: v4.0&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mongo-enterprise-modules/commit/714da9e9846c76e03a64b994c699b98932e0747b&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mongo-enterprise-modules/commit/714da9e9846c76e03a64b994c699b98932e0747b&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3460672" author="xgen-internal-githook" created="Fri, 23 Oct 2020 01:48:51 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-49165&quot; title=&quot;endSessions command in Client.Disconnect causes an authorization failure for an unauthed connection on a host that requires authentication&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-49165&quot;&gt;&lt;del&gt;SERVER-49165&lt;/del&gt;&lt;/a&gt; Limit auditing authz failure in endSessions command&lt;/p&gt;

&lt;p&gt;(cherry picked from commit 680eb5a61bc123d021a75b5ec5a997409ec0d36d)&lt;br/&gt;
Branch: v4.2&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/1d59792abdd3242fdcf28bea23d743a999824066&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/1d59792abdd3242fdcf28bea23d743a999824066&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3460671" author="xgen-internal-githook" created="Fri, 23 Oct 2020 01:48:46 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-49165&quot; title=&quot;endSessions command in Client.Disconnect causes an authorization failure for an unauthed connection on a host that requires authentication&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-49165&quot;&gt;&lt;del&gt;SERVER-49165&lt;/del&gt;&lt;/a&gt; Test that no audit entry is produced for unauthed endSessions when not logged in&lt;/p&gt;

&lt;p&gt;(cherry picked from commit 48343d458c33553dc6e8b90d3a6221d8dee6a97f)&lt;br/&gt;
Branch: v4.2&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mongo-enterprise-modules/commit/8a4ed512c07a0e04cbcdf75247177da560da0055&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mongo-enterprise-modules/commit/8a4ed512c07a0e04cbcdf75247177da560da0055&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3460366" author="xgen-internal-githook" created="Thu, 22 Oct 2020 21:45:12 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-49165&quot; title=&quot;endSessions command in Client.Disconnect causes an authorization failure for an unauthed connection on a host that requires authentication&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-49165&quot;&gt;&lt;del&gt;SERVER-49165&lt;/del&gt;&lt;/a&gt; Limit auditing authz failure in endSessions command&lt;/p&gt;

&lt;p&gt;(cherry picked from commit 680eb5a61bc123d021a75b5ec5a997409ec0d36d)&lt;br/&gt;
Branch: v4.4&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/ed2af140e1793988bcb6235629e8f3d0aea7a110&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/ed2af140e1793988bcb6235629e8f3d0aea7a110&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3460365" author="xgen-internal-githook" created="Thu, 22 Oct 2020 21:45:07 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-49165&quot; title=&quot;endSessions command in Client.Disconnect causes an authorization failure for an unauthed connection on a host that requires authentication&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-49165&quot;&gt;&lt;del&gt;SERVER-49165&lt;/del&gt;&lt;/a&gt; Test that no audit entry is produced for unauthed endSessions when not logged in&lt;/p&gt;

&lt;p&gt;(cherry picked from commit 48343d458c33553dc6e8b90d3a6221d8dee6a97f)&lt;br/&gt;
Branch: v4.4&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mongo-enterprise-modules/commit/cb3f93df71fcd57e07564f26743bb2ef4892a9b7&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mongo-enterprise-modules/commit/cb3f93df71fcd57e07564f26743bb2ef4892a9b7&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3358658" author="xgen-internal-githook" created="Tue, 25 Aug 2020 17:57:17 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-49165&quot; title=&quot;endSessions command in Client.Disconnect causes an authorization failure for an unauthed connection on a host that requires authentication&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-49165&quot;&gt;&lt;del&gt;SERVER-49165&lt;/del&gt;&lt;/a&gt; Limit auditing authz failure in endSessions command&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/680eb5a61bc123d021a75b5ec5a997409ec0d36d&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/680eb5a61bc123d021a75b5ec5a997409ec0d36d&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3358657" author="xgen-internal-githook" created="Tue, 25 Aug 2020 17:57:12 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-49165&quot; title=&quot;endSessions command in Client.Disconnect causes an authorization failure for an unauthed connection on a host that requires authentication&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-49165&quot;&gt;&lt;del&gt;SERVER-49165&lt;/del&gt;&lt;/a&gt; Test that no audit entry is produced for unauthed endSessions when not logged in&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mongo-enterprise-modules/commit/48343d458c33553dc6e8b90d3a6221d8dee6a97f&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mongo-enterprise-modules/commit/48343d458c33553dc6e8b90d3a6221d8dee6a97f&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3107620" author="spencer.jackson@10gen.com" created="Tue, 26 May 2020 18:39:15 +0000"  >&lt;p&gt;The server doesn&apos;t, to the best of my knowledge, persist logical session state for unauthenticated users. Ending a session while not authenticated is a little weird, because the name of the user which owns the session is baked into the logical session&apos;s internal ID.&lt;/p&gt;

&lt;p&gt;If a session is used on a connection which has never been authenticated, &quot;ending&quot; such a such would just be a no-op.&lt;/p&gt;

&lt;p&gt;If a client-side session ID had ever actually been used however, then it will not be possible to end it without being authenticated as the user which created it. It also wouldn&apos;t be possible for unauthenticated clients to tell whether it has been used.&lt;/p&gt;

&lt;p&gt;Possible alternatives I could imagine:&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;Make endSessions a no-op for unauthenticated clients, and accept that sessions will not be killed if a client logs in, uses a session, logs out, and then attempts to endSession.&lt;/li&gt;
	&lt;li&gt;Make endSessions return a runtime error rather than an authorization error when run by unauthenticated clients&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=mira.carey%40mongodb.com&quot; class=&quot;user-hover&quot; rel=&quot;mira.carey@mongodb.com&quot;&gt;mira.carey@mongodb.com&lt;/a&gt; do you have any other ideas?&lt;/p&gt;</comment>
                            <comment id="3105257" author="divjot.arora" created="Sun, 24 May 2020 15:24:32 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=john.morales&quot; class=&quot;user-hover&quot; rel=&quot;john.morales&quot;&gt;john.morales&lt;/a&gt;&#160;Thanks for the background! The monitoring agent&apos;s use case definitely makes sense.&lt;/p&gt;

&lt;p&gt;I don&apos;t think this DRIVERS ticket is worth doing. It would require additional API to either close a client without running &lt;tt&gt;endSessions&lt;/tt&gt; or to opt out of sessions when creating a client. Doing either of these across drivers and then documenting when a user might want them seems like more work than it&apos;s worth. The large majority of users aren&apos;t creating unauthenticated connections to servers that require auth, so sessions &quot;just work&quot; for them.&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=jeff.yemin&quot; class=&quot;user-hover&quot; rel=&quot;jeff.yemin&quot;&gt;jeff.yemin&lt;/a&gt;&#160;The server team can comment about the viability of making endSessions a no-op for this use case, but I think a server-side fix won&apos;t be enough for Cloud as they need to support already released versions of the server. This is the same issue we ran into when Cloud first upgraded to the 1.1.x branch and had to workaround a bug that was fixed and backported to 3.6, but existed in previous 3.6 releases.&lt;/p&gt;

&lt;p&gt;Given all of this, I think we should close out this DRIVERS ticket and possibly file a SERVER ticket depending on input from &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=mira.carey%40mongodb.com&quot; class=&quot;user-hover&quot; rel=&quot;mira.carey@mongodb.com&quot;&gt;mira.carey@mongodb.com&lt;/a&gt;&#160;or &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=spencer.jackson&quot; class=&quot;user-hover&quot; rel=&quot;spencer.jackson&quot;&gt;spencer.jackson&lt;/a&gt;&#160;to allow this behavior in future releases. We can discuss either making a Go-specific fix or changing the monitoring agent to use lower-level driver APIs, but that discussion should be elsewhere.&lt;/p&gt;</comment>
                            <comment id="3102797" author="divjot.arora" created="Thu, 21 May 2020 17:26:09 +0000"  >&lt;p&gt;For additional context, the Go driver does ignore errors from the &lt;tt&gt;endSessions&lt;/tt&gt; command per the sessions spec, but the monitoring agent is a special use-case because it parses server logs, which show the unauthorized &lt;tt&gt;endSessions&lt;/tt&gt; attempt.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10420">
                    <name>Backports</name>
                                            <outwardlinks description="backported by">
                                                        </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10010">
                    <name>Duplicate</name>
                                                                <inwardlinks description="is duplicated by">
                                        <issuelink>
            <issuekey id="1436739">SERVER-50211</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                            <outwardlinks description="related to">
                                                        </outwardlinks>
                                                                <inwardlinks description="is related to">
                                                        </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>11.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18555" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname># of Sprints</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>3.0</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_12450" key="com.atlassian.jira.plugin.system.customfieldtypes:multicheckboxes">
                        <customfieldname>Backport Requested</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="18953"><![CDATA[v4.4]]></customfieldvalue>
    <customfieldvalue key="16775"><![CDATA[v4.2]]></customfieldvalue>
    <customfieldvalue key="15640"><![CDATA[v4.0]]></customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10011" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Backwards Compatibility</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10011"><![CDATA[Minor Change]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_13552" key="com.go2group.jira.plugin.crm:crm_generic_field">
                        <customfieldname>Case</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[[5002K00000lnORJQA2, 5002K00000tVmTjQAK]]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Thu, 21 May 2020 17:26:09 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        3 years, 15 weeks, 5 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_17050" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Downstream Team Attention</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="16941"><![CDATA[Not Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>luke.bonanomi@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            3 years, 15 weeks, 5 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>divjot.arora@mongodb.com</customfieldvalue>
            <customfieldvalue>xgen-internal-githook</customfieldvalue>
            <customfieldvalue>julia.ruddy@mongodb.com</customfieldvalue>
            <customfieldvalue>sara.golemon@mongodb.com</customfieldvalue>
            <customfieldvalue>spencer.jackson@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hxml67:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hx9u8n:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_10557" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="4065">Security 2020-08-10</customfieldvalue>
    <customfieldvalue id="4144">Security 2020-08-24</customfieldvalue>
    <customfieldvalue id="4145">Security 2020-09-07</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hxm7fj:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>