Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-47504

Prepopulate state for AuthzSessionExternalStateServerCommon::_checkShouldAllowLocalhost

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 4.7.0
    • Affects Version/s: None
    • Component/s: Security
    • None
    • Minor Change
    • Security 2020-05-04
    • 42

      AuthzSessionExternalStateServerCommon::_checkShouldAllowLocalhost is used to identify when the localhost auth bypass should be enabled. Running it will require taking storage locks, if the bypass hasn't previously been detected as having been disabled.
      Normally authentication or authorization attempts as the internal cluster user will never take locks, because this user's User description is always cached in memory. However, the localhost auth bypass might need to be checked.

      Instead of performing a disk access during command dispatch, we could perform this check in two parts.
      1) On startup, check if users exist in `admin.system.users`. If yes, disable the localhost auth bypass.
      2) In the AuthZN subsystem's OpObserver, record when an event which should invalidate the bypass occurs, and globally disable it.

            Assignee:
            sara.golemon@mongodb.com Sara Golemon
            Reporter:
            spencer.jackson@mongodb.com Spencer Jackson
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: