Drivers

← MongoDB Feedback Engine

How can we improve the MongoDB Drivers?

Enter your idea

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

csfle support for zOS

Please modify your drivers so our java applications can encrypt and decrypt from the mainframe (zOS) UNIX environment. This missing feature is a road-block to our migration to Atlas.

We have multiple Java applications that run on an IBM mainframe. Those applications read and write into MongoDB collections, like inserting Mainframe data into MongoDB collections. The mongo-crypt driver for CSFLE does not work on the Mainframe UNIX environment.

Company policy states we have to encrypt all PHI/PII data prior to inserting the data into Atlas.

I had opened a support ticket with MongoDB and the final reply was you do not support zOS and to put in this request. (Case number 00802484)

Here is the error message I shared with MongoDB:
Exception in thread "main" java.lang.UnsatisfiedLinkError: Native library (com/sun/jna/z/os-s390/libjnidispatch.so) not found in resource path (Ýfile:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/,
file:/ST/usr/lpp/java/IBM/J8.0/lib/, file:/ST/usr/lpp/java/IBM/J8.0/lib/ext/,
file:/ST/usr/lpp/java/json/org.json-20120521.jar,
file:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/CDRMigrateAccumsToAtlas.jar,
file:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/bson-4.2.3.jar,
file:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/jna-5.6.0.jar,
file:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/json-20160810.jar,
file:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/logback-classic-1.2.3.jar,
file:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/logback-core-1.2.3.jar,
file:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/mongodb-crypt-1.2.0.jar,
file:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/mongodb-driver-core-4.2.3.jar,
file:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/mongodb-driver-sync-4.2.3.jar,
file:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/recordio.jar,
file:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/slf4j-api-1.7.6.jar,
file:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/vault-java-driver-5.1.0.jar,
file:/sharedappdev/test/CD/apps/mongopoc/mongo40apps/*.mar¨)
at com.sun.jna.Native.loadNativeDispatchLibraryFromClasspath(Native.java:1032)
at com.sun.jna.Native.loadNativeDispatchLibrary(Native.java:988)
at com.sun.jna.Native.<clinit>(Native.java:195)

Please modify your drivers so our java applications can encrypt and decrypt from the mainframe (zOS) UNIX environment. This missing feature is a road-block to our migration to Atlas.

We have multiple Java applications that run on an IBM mainframe. Those applications read and write into MongoDB collections, like inserting Mainframe data into MongoDB collections. The mongo-crypt driver for CSFLE does not work on the Mainframe UNIX environment.

Company policy states we have to encrypt all PHI/PII data prior to inserting the data into Atlas.

I had opened a support ticket with MongoDB and the final reply was you do…

7 votes

We're glad you're here
Please sign in to leave feedback

Signed in as (Sign out)

Close

Close

We’ll send you updates on this idea

under review · 0 comments · Java · Flag idea as inappropriate… · Delete… · Admin →

How important is this to you?

We're glad you're here
Please sign in to leave feedback

Signed in as (Sign out)

Close

Close
For Client Side Field Level Encryption (CSFLE) load IAM credentials for KMS by default

In order to get the mongodb csfle lib to work with AWS KMS we need to set
the following provider details explicitly: accessKeyId and secretAccessKey.

It is common and more secure practice for applications to be able to load these automatically.

If we do not supply the accessKeyId and secretAccessKey then the java driver could make an API call to
retrieve temporary credentials from the EC2 instance it is running on.

It is explained in detail here:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html

3 votes

We're glad you're here
Please sign in to leave feedback

Signed in as (Sign out)

Close

Close

We’ll send you updates on this idea

under review · 1 comment · Java · Flag idea as inappropriate… · Delete… · Admin →

How important is this to you?

We're glad you're here
Please sign in to leave feedback

Signed in as (Sign out)

Close

Close

Don't see your idea?

Drivers

How can we improve the MongoDB Drivers?

csfle support for zOS

For Client Side Field Level Encryption (CSFLE) load IAM credentials for KMS by default

Feedback

Drivers

Feedback and Knowledge Base

Searching…

Give feedback

How can we improve the MongoDB Drivers?

We're glad you're here

csfle support for zOS

We're glad you're here

We're glad you're here

For Client Side Field Level Encryption (CSFLE) load IAM credentials for KMS by default

We're glad you're here

We're glad you're here

We're glad you're here

We're glad you're here

Drivers

Categories

Searching…

Give feedback