Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Done
Priority: Major - P3
Fix Version/s: 3.3.0
Affects Version/s: None
Component/s: Security, Sharding
Labels:
- bkp

Backwards Compatibility:
Minor Change
Operating System:
ALL
Backport Requested:

v3.2
Sprint:
Sharding C (11/20/15), Sharding D (12/11/15)

This is to aid mixed-version operation during upgrade.

Now that we update mongods before mongoses, we can run into a problem where a user goes to authenticated to an old mongos, the mongos goes to load the privileges for that user from a new config server mongod, and then the mongos sees actions it doesn't recognize. This currently causes mongos to completely ignore any privileges with actions it doesn't recognize, which could leave the user logged in but missing many of the privileges they expect to see.

is related to

SERVER-21561 Remove privilege redaction added for backwards compatility

Closed

SERVER-21567 Add unit test for mongos ignoring unrecognized actions when parsing user privileges

Closed

related to

SERVER-21486 successful authentication does not give full privilege with 3.0 mongos and 3.2 mongod

Closed

SERVER-29050 Create upgrade/downgrade mechanism for adding and removing ActionTypes

Backlog

Assignee:: Spencer Brody (Inactive)

Reporter:: Spencer Brody (Inactive)

Participants:: Githook User, Spencer Brody

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: Nov 18 2015 08:47:32 PM UTC

Updated:: May 04 2017 06:30:56 PM UTC

Resolved:: Dec 09 2015 04:22:16 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates