Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-5082

Queries with slaveOk() do not reauthenticate when credentials change and an admin user exists.

    • ALL

      I don't have a reproducible test case, but this issue was seen in production with two different user/database combination two distinct times. We can not run with slave_ok in production because of it. Each time the issue persisted until slave_ok was removed as an option to query.

      We are using the luamongo (https://github.com/moai/luamongo) driver which is a thin wrapper around the c++ driver. We never saw the issue when on mongodb 1.8, we first ran into the issue after updating to 2.0.2. Originally we thought it was because we were still using a lua driver compiled against the 1.8.X C++ driver but the issue continued after upgrading to the 2.0.2 version of the driver.

      When a query is sent to a secondary this is the return:

      [

      {"code":10057,"$err":"unauthorized db:<db name> lock type:-1 client:50.18.245.77"}

      ]

      Any lua query, even basic one's like the following will generate the error:

      local cursor = mongodb:query('mydb.datastore', '

      {key:"value"}

      ', nil, nil, nil, 4)

        1. authQueryTest.lua
          5 kB
        2. authTest.cpp
          2 kB
        3. authTest.lua
          0.5 kB
        4. primary.log
          5 kB
        5. query.lua
          1 kB
        6. query.lua
          1 kB
        7. query.lua
          1 kB
        8. query.lua
          0.7 kB
        9. querySlaveOkTest.cpp
          2 kB
        10. querySlaveOkTest.cpp
          2 kB
        11. secondary.log
          5 kB

            Assignee:
            benjamin.becker Ben Becker
            Reporter:
            larubbio Rob LaRubbio
            Votes:
            4 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved: