Uploaded image for project: 'Go Driver'
  1. Go Driver
  2. GODRIVER-1344

Authentication fails against Hidden secondaries in direct connection mode

    • Type: Icon: Bug Bug
    • Resolution: Won't Do
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: 1.1.2
    • Component/s: Authentication
    • Labels:
      None

      From TOOLS-2380, the Go driver doesn't appear to authenticate in a direct connection to a hidden secondary. This has caused a regression in tools, as users want to dump from hidden members to avoid load on members serving applications.

      Reproduction:

      • mongod 4.2.0
      • 4 node replica set with 1 hidden member
      • authentication enabled: "root" user with "root" role
      • directly connecting to hidden member errors with "(Unauthorized) command listDatabases requires authentication"
      • directly connecting to secondary succeeds
      package main
      
      import (
          "context"
          "fmt"
          "time"
      
          "go.mongodb.org/mongo-driver/bson"
          "go.mongodb.org/mongo-driver/mongo"
          "go.mongodb.org/mongo-driver/mongo/options"
      )
      
      func main() {
          client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://root:XXX@metis:53929/?connect=direct"))
          if err != nil {
              panic(err)
          }
          ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
          defer cancel()
          err = client.Connect(ctx)
          if err != nil {
              panic(err)
          }
      
          admin := client.Database("admin")
          res := admin.RunCommand(context.Background(), bson.D{{"listDatabases", 1}})
          if res.Err() != nil {
              panic(res.Err())
          }
          var doc bson.D
          if err := res.Decode(&doc); err != nil {
              panic(err)
          }
          json, err := bson.MarshalExtJSON(doc, false, false)
          if err != nil {
              panic(err)
          }
          fmt.Println(string(json))
      }
      

            Assignee:
            Unassigned Unassigned
            Reporter:
            david.golden@mongodb.com David Golden
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: