<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:24:49 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DRIVERS-2140] Clarify Auth Spec and Clean Up Error Section</title>
                <link>https://jira.mongodb.org/browse/DRIVERS-2140</link>
                <project id="10980" key="DRIVERS">Drivers</project>
                    <description>&lt;p&gt;Failure scenario:&lt;/p&gt;
&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;A customer has multiple mongos&lt;/li&gt;
	&lt;li&gt;1 mongos is in a failure state and cannot be connected to for authentication&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;Asks:&lt;/p&gt;
&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;detect an unhealthy mongos and reroute operations to healthy sibling mongos (&lt;a href=&quot;https://jira.mongodb.org/browse/DRIVERS-1571&quot; title=&quot;Direct read/write retries to another mongos if possible&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DRIVERS-1571&quot;&gt;DRIVERS-1571&lt;/a&gt;)&lt;/li&gt;
	&lt;li&gt;retry authentication against unhealthy member (DRIVERS-1476)&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;So I reviewed &lt;a href=&quot;https://github.com/mongodb/specifications/blob/master/source/auth/auth.rst#authentication-handshake&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/specifications/blob/master/source/auth/auth.rst#authentication-handshake&lt;/a&gt; as part of opening this ticket and our spec needs some other tweaks&lt;br/&gt;
1) there&apos;s a &apos;todo: errors&quot; section which is not completely written (I guess?)&lt;br/&gt;
2) we probably shouldn&apos;t have dev@mongodb.com as an example since that is our CEOs name/email?&lt;br/&gt;
3) it might be nice to have a flowchart example of some kind since even after reading a lot of text I still couldn&apos;t decide what happens in the event of authentication failure, or if retries happen, or for how long those retries are going to happen. &lt;/p&gt;
</description>
                <environment></environment>
        <key id="1680982">DRIVERS-2140</key>
            <summary>Clarify Auth Spec and Clean Up Error Section</summary>
                <type id="14901" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14700&amp;avatarType=issuetype">Spec Change</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="10038" iconUrl="https://jira.mongodb.org/images/icons/subtask.gif" description="">Backlog</status>
                    <statusCategory id="2" key="new" colorName="default"/>
                                    <resolution id="-1">Unresolved</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="rachelle.palmer@mongodb.com">Rachelle Palmer</reporter>
                        <labels>
                    </labels>
                <created>Thu, 15 Apr 2021 15:50:28 +0000</created>
                <updated>Thu, 31 Mar 2022 14:05:43 +0000</updated>
                                                                <component>Authentication</component>
                                        <votes>0</votes>
                                    <watches>3</watches>
                                                                                                                <comments>
                            <comment id="3722017" author="rachelle.palmer" created="Fri, 16 Apr 2021 11:54:58 +0000"  >&lt;p&gt;I think I agree that it&apos;s duplicative... I&apos;m going to transform this into a spec ticket and strip out the duplicate parts. Still relevant that our spec is incomplete/needs edits.&lt;/p&gt;</comment>
                            <comment id="3721016" author="shane.harvey" created="Thu, 15 Apr 2021 18:24:17 +0000"  >&lt;p&gt;I agree this seems to be a dup of &lt;a href=&quot;https://jira.mongodb.org/browse/DRIVERS-1571&quot; title=&quot;Direct read/write retries to another mongos if possible&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DRIVERS-1571&quot;&gt;DRIVERS-1571&lt;/a&gt;. &lt;a href=&quot;https://jira.mongodb.org/browse/DRIVERS-746&quot; title=&quot;Drivers should retry operations if connection handshake fails&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DRIVERS-746&quot;&gt;DRIVERS-746&lt;/a&gt; is also related.&lt;/p&gt;

&lt;blockquote&gt;&lt;p&gt;Per the SDAM spec &lt;a href=&quot;https://github.com/mongodb/specifications/blob/master/source/server-discovery-and-monitoring/server-discovery-and-monitoring.rst#why-mark-a-server-unknown-after-an-auth-error&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;here&lt;/a&gt; we mark the server as unknown during the auth failure, but it&apos;s not clear if that includes a mongos auth failure&lt;/p&gt;&lt;/blockquote&gt;

&lt;p&gt;Yes an auth failure from mongos is the same as an auth failure from mongod so the driver will mark the mongos unknown. Assuming that the mongos is still reporting itself as healthy, SDAM will rediscover the node automatically sometime soon after (anywhere from 0 seconds to 10 seconds later). Note that this was recently changed in DRIVERS-1476. Before DRIVERS-1476, the driver would not mark the server unknown from an auth error.&lt;/p&gt;

&lt;p&gt;So after DRIVERS-1476 is implemented, drivers will select the unhealthy mongos less frequently. The state will flip-flop between healthy and unknown. This isn&apos;t perfect but it&apos;s better than the old behavior where the server would stay in the healthy state forever.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                            <outwardlinks description="related to">
                                        <issuelink>
            <issuekey id="967617">DRIVERS-746</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="1628382">DRIVERS-1571</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="is related to">
                                                        </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                            <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_10951" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Driver Changes</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10748"><![CDATA[Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hypxdj:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        </customfields>
    </item>
</channel>
</rss>