[SERVER-3454] Investigate the potential interference of profiling with authentication Created: 20/Jul/11  Updated: 07/Jun/12  Resolved: 20/Jan/12

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Spencer Brody (Inactive) Assignee: Kristina Chodorow (Inactive)
Resolution: Duplicate Votes: 1
Labels: authentication, profiling
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
duplicates SERVER-4754 Profiling silently fails with --auth Closed
Related
is related to SERVER-4335 authentication against readonly accou... Closed
Operating System: ALL
Participants:

 Description   

A user was unable to show dbs or show collections because of an auth error, even after authenticating against the admin DB. Disabling profiling seems to have fixed the problem.



 Comments   
Comment by Kristina Chodorow (Inactive) [ 07/Jun/12 ]

@Jason: please follow SERVER-4754 instead of this ticket.

Comment by Jason Peterson [ 07/Jun/12 ]

I am experiencing this issue with version 2.0.5. We've been using a readonly account since we initially set up mongo, and yesterday it stopped working, seemingly 'out of the blue'. I did some poking around online and found this related to profiling, when I realized that I had turned on profiling yesterday morning. I turned profiling off, restarted the server, and the readonly account started working again.

Comment by Kurt [ 09/May/12 ]

We just ran across something that sounds a lot like this (on 2.0.4). We had profiling set to a really low threshold on a database and queries that returned no results were returning errors like this:

error: {
"$err" : "unauthorized db:app2849838 lock type:-1 client:68.100.237.137",
"code" : 10057
}

When I try this locally and set profiling to 2, I get that error immediately upon login. On the production DB, I'm pretty sure the profiling level was 1 with slowms set to 5.

Queries that did return results were working just fine, although it's quite possible they weren't hitting the profiling threshold.

Comment by Kristina Chodorow (Inactive) [ 22/Nov/11 ]

I think this is related, too: http://groups.google.com/group/mongodb-user/browse_thread/thread/92b48cd330233aa8

Generated at Thu Feb 08 03:03:06 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.