[SERVER-44922] User acquisition shouldn't increment cache generation Created: 03/Dec/19  Updated: 29/Oct/23  Resolved: 27/Dec/19

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: 4.2.3, 4.3.3

Type: Bug Priority: Major - P3
Reporter: Spencer Jackson Assignee: Spencer Jackson
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Related
Backwards Compatibility: Fully Compatible
Operating System: ALL
Backport Requested:
v4.2
Sprint: Security 2019-12-30
Participants:
Linked BF Score: 126

 Description   

The cache generation is used to decide whether user documents obtained during two separate calls are still "fresh". The generation is incremented whenever an "invalidating" event occurs, such as a user update, or a role deletion, etc. However, we're currently incrementing on user acquisition, which doesn't affect persisted state. This is probably harming our cache use, and causing mongos to frequently re-acquire user data.



 Comments   
Comment by Githook User [ 30/Dec/19 ]

Author:

{'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}

Message: SERVER-44922 Prevent User acquisition from incrementing cache generation

(cherry picked from commit 47a605826a64d55ff23427deab6f29c5999d1103)
Branch: v4.2
https://github.com/mongodb/mongo/commit/b3622d185c1441622602f2a609932b42f8fecd3d

Comment by Githook User [ 27/Dec/19 ]

Author:

{'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}

Message: SERVER-44922 Prevent User acquisition from incrementing cache generation
Branch: master
https://github.com/mongodb/mongo/commit/47a605826a64d55ff23427deab6f29c5999d1103

Comment by Kaloian Manassiev [ 03/Dec/19 ]

Ah ok, thanks. I don't think this is something users do unless for some kind of recovery, so I am not concerned about performance. Thanks for clarifying.

Comment by Spencer Jackson [ 03/Dec/19 ]

Manually authenticating on a config server.

Comment by Kaloian Manassiev [ 03/Dec/19 ]

The way I read the description sounds as if MongoS would constantly be refreshing, but I don't think this is the case, right? What user-visible actions would cause the generation to be bumped?

Generated at Thu Feb 08 05:07:22 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.