<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 06:52:35 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-83575] I have enabled authentication and still can connect without username and password to MongoDB</title>
                <link>https://jira.mongodb.org/browse/SERVER-83575</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;h3&gt;&lt;a name=&quot;ProblemStatement%2FRationale&quot;&gt;&lt;/a&gt;&lt;b&gt;Problem Statement/Rationale&lt;/b&gt;&lt;/h3&gt;

&lt;p&gt;I have enabled authentication and still can connect without username and password to MongoDB&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Please be sure to attach relevant logs &lt;em&gt;with any sensitive data redacted&lt;/em&gt;.&lt;/b&gt;&lt;/p&gt;



&lt;p&gt;{{&lt;/p&gt;
{
  &quot;t&quot;: \{ &quot;$date&quot;: &quot;2023-11-26T10:39:15.483+00:00&quot; }
&lt;p&gt;,&lt;br/&gt;
  &quot;s&quot;: &quot;I&quot;,&lt;br/&gt;
  &quot;c&quot;: &quot;CONTROL&quot;,&lt;br/&gt;
  &quot;id&quot;: 21951,&lt;br/&gt;
  &quot;ctx&quot;: &quot;initandlisten&quot;,&lt;br/&gt;
  &quot;msg&quot;: &quot;Options set by command line&quot;,&lt;br/&gt;
  &quot;attr&quot;: {&lt;br/&gt;
    &quot;options&quot;: {&lt;br/&gt;
      &quot;config&quot;: &quot;/etc/mongod.conf&quot;,&lt;br/&gt;
      &quot;net&quot;: {&lt;br/&gt;
        &quot;bindIp&quot;: &quot;*&quot;,&lt;br/&gt;
        &quot;ipv6&quot;: false,&lt;br/&gt;
        &quot;port&quot;: 27017,&lt;br/&gt;
        &quot;tls&quot;: &lt;/p&gt;
{
          &quot;certificateKeyFile&quot;: &quot;/etc/ssl/mongodb.pem&quot;,
          &quot;mode&quot;: &quot;requireTLS&quot;
        }
&lt;p&gt;      },&lt;br/&gt;
      &quot;processManagement&quot;: {&lt;br/&gt;
        &quot;fork&quot;: false,&lt;br/&gt;
        &quot;pidFilePath&quot;: &quot;/var/lib/mongodb/mongodb.pid&quot;&lt;br/&gt;
      },&lt;br/&gt;
      &quot;security&quot;: { &quot;authorization&quot;: &quot;enabled&quot; },&lt;br/&gt;
      &quot;setParameter&quot;: { &quot;enableLocalhostAuthBypass&quot;: &quot;false&quot; },&lt;br/&gt;
      &quot;storage&quot;: { &quot;dbPath&quot;: &quot;/var/lib/mongodb&quot;, &quot;directoryPerDB&quot;: false },&lt;br/&gt;
      &quot;systemLog&quot;: {&lt;br/&gt;
        &quot;destination&quot;: &quot;file&quot;,&lt;br/&gt;
        &quot;logAppend&quot;: true,&lt;br/&gt;
        &quot;logRotate&quot;: &quot;reopen&quot;,&lt;br/&gt;
        &quot;path&quot;: &quot;/var/log/mongodb/mongod.log&quot;,&lt;br/&gt;
        &quot;quiet&quot;: false,&lt;br/&gt;
        &quot;verbosity&quot;: 0&lt;br/&gt;
      }&lt;br/&gt;
    }&lt;br/&gt;
  }&lt;br/&gt;
}}}&lt;/p&gt;
&lt;h3&gt;&lt;a name=&quot;StepstoReproduce&quot;&gt;&lt;/a&gt;&lt;b&gt;Steps to Reproduce&lt;/b&gt;&lt;/h3&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;Configure mongod service to use authorization using the following config, then restart mongod service.&#160;&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;{{# set parameter options&lt;br/&gt;
setParameter:&lt;br/&gt;
   enableLocalhostAuthBypass: false&lt;br/&gt;
&lt;br/&gt;
# security options&lt;br/&gt;
security:&lt;br/&gt;
  authorization: enabled&lt;br/&gt;
  #keyFile: replace_me}}&lt;/font&gt;&lt;/p&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;{{}}&lt;/font&gt;&lt;/p&gt;
&lt;h3&gt;&lt;a name=&quot;ExpectedResults&quot;&gt;&lt;/a&gt;&lt;b&gt;Expected Results&lt;/b&gt;&lt;/h3&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;I expect to impossible to connect without username and password&lt;/font&gt;&lt;/p&gt;
&lt;h3&gt;&lt;a name=&quot;ActualResults&quot;&gt;&lt;/a&gt;&lt;b&gt;Actual Results&lt;/b&gt;&lt;/h3&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;I observe, it is possible to connect without username and password, by simply execute the $mongosh command.&lt;/font&gt;&lt;/p&gt;
&lt;h3&gt;&lt;a name=&quot;AdditionalNotes&quot;&gt;&lt;/a&gt;&lt;b&gt;Additional Notes&lt;/b&gt;&lt;/h3&gt;

&lt;p&gt;&lt;font color=&quot;#505f79&quot;&gt;Any additional information that may be useful to include.&lt;/font&gt;&lt;/p&gt;</description>
                <environment>OS: ubuntu 22.04&lt;br/&gt;
Using MongoDB: 7.0.3&lt;br/&gt;
Using Mongosh:   2.1.0&lt;br/&gt;
&lt;br/&gt;
</environment>
        <key id="2509069">SERVER-83575</key>
            <summary>I have enabled authentication and still can connect without username and password to MongoDB</summary>
                <type id="6" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14720&amp;avatarType=issuetype">Question</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="gabor.horovitz@gmail.com">Gabor Horovitz</reporter>
                        <labels>
                    </labels>
                <created>Sun, 26 Nov 2023 16:52:06 +0000</created>
                <updated>Wed, 13 Dec 2023 16:07:28 +0000</updated>
                            <resolved>Wed, 13 Dec 2023 16:07:28 +0000</resolved>
                                                                                        <votes>0</votes>
                                    <watches>4</watches>
                                                                                                                <comments>
                            <comment id="5948215" author="eric.sedor" created="Wed, 13 Dec 2023 16:07:15 +0000"  >&lt;p&gt;For this issue we&apos;d like to encourage you to start by asking our community for help by posting on the &lt;a href=&quot;https://www.mongodb.com/community/forums&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;MongoDB Developer Community Forums&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;If the discussion there leads you to suspect a bug in the MongoDB server, then we&apos;d want to investigate it as a possible bug here in the SERVER project.&lt;/p&gt;

&lt;p&gt;Sincerely,&lt;/p&gt;

&lt;p&gt;Eric&lt;/p&gt;</comment>
                            <comment id="5904511" author="dbeng-pm-bot" created="Sun, 26 Nov 2023 16:52:08 +0000"  >&lt;p&gt;Hello &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=gabor.horovitz%40gmail.com&quot; class=&quot;user-hover&quot; rel=&quot;gabor.horovitz@gmail.com&quot;&gt;gabor.horovitz@gmail.com&lt;/a&gt;, thank you for reaching out to us! The team will review your issue and get back to you soon as soon as possible. &lt;/p&gt;

&lt;p&gt;Please review your issue to ensure you&apos;ve included your environment details and have attached relevant logs (with any sensitive data redacted), so that we&apos;re best able to provide you a timely and thorough response. Thanks again!&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Sun, 26 Nov 2023 16:52:08 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        8 weeks ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>eric.sedor@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            8 weeks ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>eric.sedor@mongodb.com</customfieldvalue>
            <customfieldvalue>gabor.horovitz@gmail.com</customfieldvalue>
            <customfieldvalue>dbeng-pm-bot</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|i31xr3:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i2jqpw:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|i31jwf:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>