[SERVER-11858] Make mongos invalidate the user cache after any user or role manipulation Created: 26/Nov/13 Updated: 30/Oct/15 Resolved: 03/Dec/13 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security, Sharding, Usability |
| Affects Version/s: | 2.5.4 |
| Fix Version/s: | 2.5.5 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Spencer Brody (Inactive) | Assignee: | Spencer Brody (Inactive) |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Backwards Compatibility: | Fully Compatible |
| Participants: |
| Description |
|
Right now we rely on the period cache flush to update the mongos' view of user's privileges. On mongoses other than the one the user/role manipulation was done on, that's the best you can do. But on the mongos that was used, you should be able to invalidate the cache right away so the new permissions take affect immediately. |
| Comments |
| Comment by Githook User [ 03/Dec/13 ] |
|
Author: {u'username': u'stbrody', u'name': u'Spencer T Brody', u'email': u'spencer@10gen.com'}Message: |