Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-31552

Authorization User Cache should be able to hold select users in memory

    • Type: Icon: Improvement Improvement
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 4.1.4
    • Affects Version/s: None
    • Component/s: Admin
    • Labels:
    • Fully Compatible
    • Security 2018-09-10, Security 2018-09-24, Security 2018-10-08
    • 19

      Currently, updating any user will invalidate its entry in the user cache. The next time that user attempts to perform an operation, the AuthorizationManager will pull the canonical document from disk, taking a shared lock on the system's user collection. If a long running operation has taken an exclusive lock on the whole system, the AuthorizationManager may block until it finishes. Attempting to run administrative operations such as killOp or currentOp may cause the AuthorizationManager to perform this update.

      We should have a mechanism to ensure that at least some users are always held in memory. Authentication or authorization, and by extension running killOp, would never need to block.

            jonathan.reams@mongodb.com Jonathan Reams
            spencer.jackson@mongodb.com Spencer Jackson
            0 Vote for this issue
            6 Start watching this issue