[SERVER-5876] user authentication should retry on primary Created: 18/May/12 Updated: 11/Jul/16 Resolved: 22/May/12 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | 2.1.1 |
| Fix Version/s: | 2.1.2 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Eric Milkie | Assignee: | Greg Studer |
| Resolution: | Done | Votes: | 0 |
| Labels: | buildbot | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||
| Operating System: | ALL | ||||||||||||||||||||
| Participants: | |||||||||||||||||||||
| Description |
|
http://buildbot.mongodb.org/builders/Linux%2064-bit%20concurrency/builds/244/steps/test_9/logs/stdio This recurring failure in sharding/auth.js might be due to replication. We addUser() and then immediately try to authenticate using this user; even with getLastError(), sometimes we still get an error saying the user is missing. The theory is that addUser() went to the primary but the authentication was done on a secondary. Should it be a requirement that adding users should be done with getLastError and w=all? Or should we change the auth code to retry a user lookup on the primary if a secondary doesn't have a user? This test used to pass reliably; a change was committed recently that sped things up (or at least changed the timing of things) and now the test fails frequently, especially on faster builders. |
| Comments |
| Comment by Greg Studer [ 21/May/12 ] |
|
For some tests, 15s isn't enough time to allow the lock to replicate. Configurable delay as well? Mongos makes it very ugly to ensure replication to secondaries once we call getLastError() once. |
| Comment by Greg Studer [ 21/May/12 ] |
|
w=all doesn't exist, see related ticket for future improvements. There is now a configurable parameter so you can specify the desired replication amount, defaults to "majority". Tried to catch all the other tests affected, but may need to tweak in the future to handle slow builders. |
| Comment by auto [ 21/May/12 ] |
|
Author: {u'login': u'gregstuder', u'name': u'Greg Studer', u'email': u'greg@10gen.com'}Message: |
| Comment by Eliot Horowitz (Inactive) [ 20/May/12 ] |
|
I think we should make addUser do a w=all with a low timeout (5 seconds?) |