[SERVER-31552] Authorization User Cache should be able to hold select users in memory Created: 13/Oct/17  Updated: 30/Oct/23  Resolved: 01/Oct/18

Status: Closed
Project: Core Server
Component/s: Admin
Affects Version/s: None
Fix Version/s: 4.1.4

Type: Improvement Priority: Major - P3
Reporter: Spencer Jackson Assignee: Jonathan Reams
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Duplicate
is duplicated by SERVER-35637 DDL operations blocked by transaction... Closed
Problem/Incident
Related
related to SERVER-33648 Attempting to perform user- and role-... Closed
related to SERVER-35890 Make Authorization user cache a gener... Closed
is related to SERVER-13586 Remove user cache invalidation from u... Backlog
Backwards Compatibility: Fully Compatible
Sprint: Security 2018-09-10, Security 2018-09-24, Security 2018-10-08
Participants:
Linked BF Score: 19

 Description   

Currently, updating any user will invalidate its entry in the user cache. The next time that user attempts to perform an operation, the AuthorizationManager will pull the canonical document from disk, taking a shared lock on the system's user collection. If a long running operation has taken an exclusive lock on the whole system, the AuthorizationManager may block until it finishes. Attempting to run administrative operations such as killOp or currentOp may cause the AuthorizationManager to perform this update.

We should have a mechanism to ensure that at least some users are always held in memory. Authentication or authorization, and by extension running killOp, would never need to block.



 Comments   
Comment by Githook User [ 01/Oct/18 ]

Author:

{'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}

Message: SERVER-31552 Allow users to be pinned in memory
Branch: master
https://github.com/mongodb/mongo/commit/d3c4ed928630e646bfc07af0ecc2201432ab22d7

Comment by Githook User [ 01/Oct/18 ]

Author:

{'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}

Message: SERVER-31552 Allow pinning of users in memory
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/68f587298ad9e0396bad50abac7c627053401b22

Comment by Githook User [ 28/Sep/18 ]

Author:

{'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}

Message: Revert "SERVER-31552 Allow users to be pinned in memory"

This reverts commit d8e10f2dcc4554c74cf1da9d40557233cad70fb1.
Branch: master
https://github.com/mongodb/mongo/commit/721d251167590413202c8a67b5ceec143111b806

Comment by Githook User [ 28/Sep/18 ]

Author:

{'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}

Message: Revert "SERVER-31552 Allow pinning of users in memory"

This reverts commit 3d5b27a580ac6587856c7745577cd5237e20e719.
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/4538a85dab3a33b6d25fdeaccea7b0250e1df65d

Comment by Githook User [ 28/Sep/18 ]

Author:

{'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}

Message: SERVER-31552 Allow users to be pinned in memory
Branch: master
https://github.com/mongodb/mongo/commit/d8e10f2dcc4554c74cf1da9d40557233cad70fb1

Comment by Githook User [ 28/Sep/18 ]

Author:

{'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}

Message: SERVER-31552 Allow pinning of users in memory
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/3d5b27a580ac6587856c7745577cd5237e20e719

Generated at Thu Feb 08 04:27:25 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.