-
Type: Bug
-
Resolution: Won't Do
-
Priority: Major - P3
-
None
-
Affects Version/s: 1.1.2
-
Component/s: Authentication
-
None
From TOOLS-2380, the Go driver doesn't appear to authenticate in a direct connection to a hidden secondary. This has caused a regression in tools, as users want to dump from hidden members to avoid load on members serving applications.
Reproduction:
- mongod 4.2.0
- 4 node replica set with 1 hidden member
- authentication enabled: "root" user with "root" role
- directly connecting to hidden member errors with "(Unauthorized) command listDatabases requires authentication"
- directly connecting to secondary succeeds
package main import ( "context" "fmt" "time" "go.mongodb.org/mongo-driver/bson" "go.mongodb.org/mongo-driver/mongo" "go.mongodb.org/mongo-driver/mongo/options" ) func main() { client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://root:XXX@metis:53929/?connect=direct")) if err != nil { panic(err) } ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) defer cancel() err = client.Connect(ctx) if err != nil { panic(err) } admin := client.Database("admin") res := admin.RunCommand(context.Background(), bson.D{{"listDatabases", 1}}) if res.Err() != nil { panic(res.Err()) } var doc bson.D if err := res.Decode(&doc); err != nil { panic(err) } json, err := bson.MarshalExtJSON(doc, false, false) if err != nil { panic(err) } fmt.Println(string(json)) }
- is depended on by
-
TOOLS-2380 mongodump fails against hidden node with authentication enabled
- Closed
- related to
-
GODRIVER-1090 Authentication fails against Hidden Secondary
- Closed