[SERVER-36190] Thousands of Messages that user doesn't exist in the arbiter Created: 19/Jul/18 Updated: 27/Oct/23 Resolved: 19/Jul/18 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Replication |
| Affects Version/s: | 3.6.3 |
| Fix Version/s: | None |
| Type: | Question | Priority: | Major - P3 |
| Reporter: | Marcela Reis | Assignee: | Nick Brewer |
| Resolution: | Works as Designed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Participants: | |||||||||
| Description |
|
I have a 3 member replicaset (PRIMARY, SECONDARY and ARBITER only). Only in the arbiter log, there is a thousand of message like this: 2018-07-19T09:35:01.989-0300 I ACCESS [conn22711] SCRAM-SHA-1 authentication failed for USER on db from client ADDRESS:PORT ; UserNotFound: Could not find user XXXXX@XXXX
Arbiters are not supposed to have data or users.
I'm not sure how application is handling this. |
| Comments |
| Comment by Anton B. [ 28/May/20 ] | ||
|
Hi, we have ~50 logs per second on our arbiters, it's normally? It this a driver problem? (using php with mongodb-1.7.4)
| ||
| Comment by Nick Brewer [ 19/Jul/18 ] | ||
|
reismarcela Thanks. Nothing sticks out as unusual there. The error messages indicate that a client device is attempting to connect to this machine repeatedly using SCRAM authentication, which of course won't work since the Arbiter does not contain user and role mappings - as a result it's logging the failed connection attempt. Based on the IP address, it appears that the same client device is attempting to make these connections repeatedly. Given the volume of requests, I would suggest taking a look at the client machine to see if an application / driver on it has been hard-coded to connect to this specific mongod. I was actually able to recreate this error locally by creating an auth-enabled replica set with an arbiter, and then attempting to connect to it directly:
Since this doesn't appear to be a bug in the MongoDB server, I'm going to go ahead and close this ticket. If you run into any unusual behavior while you're investigating this, feel free to comment here and I'll reopen it. -Nick | ||
| Comment by Marcela Reis [ 19/Jul/18 ] | ||
|
Hi Nick, Information attached in the secure portal. Any problems, let me know. Thanks, | ||
| Comment by Nick Brewer [ 19/Jul/18 ] | ||
|
reismarcela I'd like to get a better sense of how things are configured. Could you provide the output of the following mongo shell commands:
You can upload this information in our secure portal if you wish to keep it private - information shared there is only available to MongoDB employees, and it is automatically deleted after a period of time. Thanks, |