Currently, anytime an access-control enabled mongod or mongos receive a new connection from localhost, it must issue a query against admin.system.user to determine if there are any users defined in the system, and thus whether or not to grant the connection full access according to the localhost auth bypass.
We do this reads on admin.system.users even if the user has explicitly opted-out of the localhost exception by using setParameter=enableLocalhostAuthBypass=0.
It should be trivial to avoid this unnecessary read when the localhost exception is disabled.
- related to
-
SERVER-12235 Don't require a database read on every new localhost connection when auth is on
- Closed