<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 03:15:05 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-7626] Provide configuration option to disable usage of db.auth()</title>
                <link>https://jira.mongodb.org/browse/SERVER-7626</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;Usage of db.auth means a password (often admin) needs to be typed in clear text. However the authentication can be performed on connection to MongoDB so that no password is ever displayed in clear text.&lt;/p&gt;

&lt;p&gt;If authentication without using db.auth() is the best practice for a MongoDB user, they should be able to enforce it by setting a configuration option which means that the db.auth() command cannot be used for authentication.&lt;/p&gt;</description>
                <environment>RHEL 6.2</environment>
        <key id="56009">SERVER-7626</key>
            <summary>Provide configuration option to disable usage of db.auth()</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="schwerin@mongodb.com">Andy Schwerin</assignee>
                                    <reporter username="simon.harvey@citi.com">Simon Harvey</reporter>
                        <labels>
                    </labels>
                <created>Mon, 12 Nov 2012 13:01:03 +0000</created>
                <updated>Fri, 30 Oct 2015 14:44:56 +0000</updated>
                            <resolved>Wed, 5 Dec 2012 21:06:14 +0000</resolved>
                                    <version>2.2.0</version>
                                    <fixVersion>2.3.2</fixVersion>
                                    <component>Security</component>
                                        <votes>0</votes>
                                    <watches>6</watches>
                                                                                                                <comments>
                            <comment id="213114" author="craiggwilson" created="Wed, 12 Dec 2012 15:31:25 +0000"  >&lt;p&gt;I mean this in reference to your statement: &quot;You can enable one, both or neither, but if you do neither and have passed --auth as well, you won&apos;t be able to log in.&quot;&lt;/p&gt;

&lt;p&gt;Let&apos;s not let them explicitly specify neither if they have passed --auth.  If they don&apos;t specified authenticationMechanisms at all, then MONGO-CR is defaulted.  However, if they specify authenticationMechanisms=&quot;&quot;, then let&apos;s abort startup.&lt;/p&gt;

&lt;p&gt;In addition, we should abort startup if they specify authenticationMechanisms by do NOT specify --auth.&lt;/p&gt;</comment>
                            <comment id="213089" author="schwerin" created="Wed, 12 Dec 2012 14:55:54 +0000"  >&lt;p&gt;Do you mean if you specify --setParameter authenticationMechanisms=&quot;&quot;, or to you mean you totally omitted it?  In the latter case, I don&apos;t see a strong reason not to preserve the default behavior of using MONGO-CR.  Most customers, even subscription customers, will continue to use MONGO-CR in 2.4, and changing the default would require them to change their startup flags.&lt;/p&gt;</comment>
                            <comment id="213058" author="craiggwilson" created="Wed, 12 Dec 2012 14:12:48 +0000"  >&lt;p&gt;If you have specified neither and specified --auth, can we not refuse to startup with a nice error message explaining the problem.&lt;/p&gt;</comment>
                            <comment id="207426" author="schwerin" created="Wed, 5 Dec 2012 21:05:45 +0000"  >&lt;p&gt;In the subscription product, as of 2.3.2 you will be able to specify which authentication mechanisms to support when starting mongod/mongos.  The option will be &quot;--setParameter authenticationMechanisms=&amp;lt;comma-separated-list&amp;gt;&quot;  MONGO-CR signifies the old-style challenge-response authentication.  GSSAPI is for Kerberos.  You can enable one, both or neither, but if you do neither and have passed --auth as well, you won&apos;t be able to log in.&lt;/p&gt;

&lt;p&gt;Examples:&lt;/p&gt;

&lt;p&gt;Default, allows only old-style authentication.&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;mongod --auth&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;

&lt;p&gt;Same as above, but explicitly enables old-style authentication.&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;mongod --auth --setParameter authenticationMechanisms=MONGO-CR&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;

&lt;p&gt;Only enable GSSAPI/Kerberos&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;mongod --auth --setParameter authenticationMechanisms=GSSAPI&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;

&lt;p&gt;Enable both&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;mongod --auth --setParameter authenticationMechanisms=MONGO-CR,GSSAPI&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;</comment>
                            <comment id="207423" author="schwerin" created="Wed, 5 Dec 2012 21:01:19 +0000"  >&lt;p&gt;Use setParameter to specify supported authentication mechanisms in subscription product.&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://github.com/10gen/mongo-enterprise-modules/commit/28447a97525aad689f3ed8663e4aab09e0b097b3&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mongo-enterprise-modules/commit/28447a97525aad689f3ed8663e4aab09e0b097b3&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="206631" author="auto" created="Tue, 4 Dec 2012 23:33:05 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;date&apos;: u&apos;2012-12-04T18:14:05Z&apos;, u&apos;email&apos;: u&apos;schwerin@10gen.com&apos;, u&apos;name&apos;: u&apos;Andy Schwerin&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-7626&quot; title=&quot;Provide configuration option to disable usage of db.auth()&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-7626&quot;&gt;&lt;del&gt;SERVER-7626&lt;/del&gt;&lt;/a&gt; Provide a facility for disabling the mongo challenge-response commands in server source.&lt;/p&gt;

&lt;p&gt;This patch provides a mechanism for disabling the &quot;nonce&quot; and &quot;authenticate&quot; commands at runtime.  A&lt;br/&gt;
separate patch, in the subscription codebase, provides a startup parameter for choosing authentication&lt;br/&gt;
mechanisms to support.&lt;/p&gt;

&lt;p&gt;Related to &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-7119&quot; title=&quot;Add SASL config option(s)&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-7119&quot;&gt;&lt;del&gt;SERVER-7119&lt;/del&gt;&lt;/a&gt;.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/55bb0f445ee535fd3091b6f0436f4e0ed5c9a19b&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/55bb0f445ee535fd3091b6f0436f4e0ed5c9a19b&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="187661" author="simon.harvey@citi.com" created="Tue, 13 Nov 2012 10:25:32 +0000"  >&lt;p&gt;Thanks for the quick update on this Andy.&lt;/p&gt;

&lt;p&gt;Regards,&lt;/p&gt;

&lt;p&gt;        Simon.&lt;/p&gt;
</comment>
                            <comment id="187392" author="schwerin" created="Tue, 13 Nov 2012 04:13:57 +0000"  >&lt;p&gt;I intended &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-7119&quot; title=&quot;Add SASL config option(s)&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-7119&quot;&gt;&lt;del&gt;SERVER-7119&lt;/del&gt;&lt;/a&gt; to include this, but the wording is vague.  This is a must for 2.3.2.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                            <outwardlinks description="depends on">
                                        <issuelink>
            <issuekey id="51255">SERVER-7119</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="is depended on by">
                                                        </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                                        </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>8.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10011" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Backwards Compatibility</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10038"><![CDATA[Fully Compatible]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Mon, 12 Nov 2012 16:41:52 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        11 years, 10 weeks ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[<s><a href='https://jira.mongodb.org/browse/SERVER-7119'>SERVER-7119</a></s>]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>andreas.nilsson</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            11 years, 10 weeks ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10000" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Old_Backport</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10000"><![CDATA[No]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>schwerin@mongodb.com</customfieldvalue>
            <customfieldvalue>auto</customfieldvalue>
            <customfieldvalue>craig.wilson@mongodb.com</customfieldvalue>
            <customfieldvalue>simon.harvey@citi.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrni3j:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hrkhsf:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>33330</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hs9wbr:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>