[SERVER-53767] Security arch guide user management and authz corrections Created: 13/Jan/21  Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Judah Schvimer Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 0
Labels: former-quick-wins
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Server Security
Participants:

 Description   

The arch guide says the UMCTransaction uses the applyOps command (https://github.com/mongodb/mongo/blob/c061668218c8cbff1f508aa0204f452485d4bb36/src/mongo/db/auth/README.md#umc-transactions), but it actually uses normal multi-document transaction syntax (https://github.com/mongodb/mongo/blob/92cc84b0171942375ccbd2312a052bc7e9f159dd/src/mongo/db/commands/user_management_commands.cpp#L775). We should correct this.

Separately, this section (https://github.com/mongodb/mongo/blob/c061668218c8cbff1f508aa0204f452485d4bb36/src/mongo/db/auth/README.md#authorization-manager-external-state) says "remove cluster config servers" but it should say "remote cluster config servers".


Generated at Thu Feb 08 05:31:48 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.