-
Type: Task
-
Resolution: Unresolved
-
Priority: Major - P3
-
None
-
Affects Version/s: 2.6.0
-
Component/s: Internal Code, Security
-
None
-
Server Security
Currently we invalidate the user cache in every user and role management command, but the cache invalidation is then duplicated by the hooks in oplog application that also invalidate the cache. They are still currently necessary, however, so that when a mongos does a user or role modification it is viewable immediately via that mongos. Once we have a better story around cache invalidation in mongos, we may be able to change the commands to block until the process has updated its cache via the external notification system, and then we'll be able to remove the invalidation from the commands.
- is related to
-
SERVER-11980 Improve user cache invalidation enforcement on mongos
- Closed
- related to
-
SERVER-31552 Authorization User Cache should be able to hold select users in memory
- Closed