Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Done
Priority: Major - P3
Fix Version/s: 3.2.0-rc4
Affects Version/s: 3.2.0-rc2
Component/s: Security, Sharding
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Steps To Reproduce:

Hide

run jstests/sharding/authmr.js with everything in 3.2 expect for mongos, which is in 3.0

Show
run jstests/sharding/authmr.js with everything in 3.2 expect for mongos, which is in 3.0
Sprint:
Sharding C (11/20/15), Sharding D (12/11/15)

It appears that even if a user authenticates successfully as an admin user, it does not have the full privilege.

This appears be the culprit since ActionSet::parseActionSetFromStringVector breaks out immediately when it sees an unrecognized action:

2015-11-16T15:57:49.199-0500 W ACCESS   [conn1] Could not parse privilege element in user document for admin@admin: Unrecognized action privilege string: bypassDocumentValidation
2015-11-16T15:57:49.218-0500 I ACCESS   [conn1] Successfully authenticated as principal admin on admin

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

userdoc.json
4 kB
Nov 17 2015 06:40:44 PM UTC

is related to

SERVER-21535 mongos should ignore actions it doesn't recognize when parsing user privileges at authentication time

Closed

SERVER-21561 Remove privilege redaction added for backwards compatility

Closed

SERVER-21487 Add new suite for running 3.2 SCCC cluster with 3.0 mongos against jstests/sharding

Closed

related to

SERVER-21659 bypassDocumentValidation authentication error

Closed

Assignee:: Spencer Brody (Inactive)

Reporter:: Randolph Tan

Participants:: Andreas Nilsson, Andy Schwerin, Githook User, Randolph Tan, Spencer Brody, Spencer Jackson

Votes:: 0 Vote for this issue

Watchers:: 10 Start watching this issue

Created:: Nov 16 2015 09:42:03 PM UTC

Updated:: Jan 25 2017 09:59:37 PM UTC

Resolved:: Nov 20 2015 09:18:12 PM UTC