<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 05:31:42 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-53724] Make DBClient able to reauthenticate with x509 automatically when reconnecting for tenant migrations</title>
                <link>https://jira.mongodb.org/browse/SERVER-53724</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;Currently, we pass in the &lt;a href=&quot;https://github.com/mongodb/mongo/blob/48eb1af51e8e0ba7abaf4c5cdf9c06a959a7722d/src/mongo/db/repl/tenant_migration_recipient_service.cpp#L279&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;transientSSLParams&lt;/a&gt; for x509 when calling connect(). This allows us to connect and authenticate successfully, but at this time we are not able to reauthenticate after automatic DBClient reconnects &lt;a href=&quot;https://github.com/mongodb/mongo/blob/48eb1af51e8e0ba7abaf4c5cdf9c06a959a7722d/src/mongo/client/dbclient_connection.cpp#L589&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;here&lt;/a&gt;. We already have provisions for doing something similar with keyauth &lt;a href=&quot;https://github.com/mongodb/mongo/blob/48eb1af51e8e0ba7abaf4c5cdf9c06a959a7722d/src/mongo/client/dbclient_connection.cpp#L610&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;here&lt;/a&gt;, so hopefully we can leverage some of that functionality.&lt;/p&gt;

&lt;p&gt;Ideally, this should all be handled internally in DBClient itself. We need information from the recipient service to reauthenticate, but perhaps that can be done cleanly via storing a lambda.&lt;/p&gt;</description>
                <environment></environment>
        <key id="1587722">SERVER-53724</key>
            <summary>Make DBClient able to reauthenticate with x509 automatically when reconnecting for tenant migrations</summary>
                <type id="3" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14718&amp;avatarType=issuetype">Task</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="jason.zhang@mongodb.com">Jason Zhang</assignee>
                                    <reporter username="vesselina.ratcheva@mongodb.com">Vesselina Ratcheva</reporter>
                        <labels>
                            <label>pm-1791_milestone-P</label>
                    </labels>
                <created>Tue, 12 Jan 2021 21:23:44 +0000</created>
                <updated>Sun, 29 Oct 2023 21:58:54 +0000</updated>
                            <resolved>Tue, 26 Jan 2021 16:52:16 +0000</resolved>
                                                    <fixVersion>4.9.0</fixVersion>
                                                        <votes>0</votes>
                                    <watches>3</watches>
                                                                                                                <comments>
                            <comment id="3581841" author="xgen-internal-githook" created="Mon, 25 Jan 2021 23:36:49 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Jason Zhang&apos;, &apos;email&apos;: &apos;jason.zhang@mongodb.com&apos;, &apos;username&apos;: &apos;jz1242&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-53724&quot; title=&quot;Make DBClient able to reauthenticate with x509 automatically when reconnecting for tenant migrations&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-53724&quot;&gt;&lt;del&gt;SERVER-53724&lt;/del&gt;&lt;/a&gt; Make DBClient able to reauthenticate with x509 automatically when reconnecting for tenant migrations&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/57aa9e6106905a8969af5b997e2b316ce2d71b62&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/57aa9e6106905a8969af5b997e2b316ce2d71b62&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3561597" author="mark.benvenuto" created="Wed, 13 Jan 2021 00:42:50 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=jack.mulrow&quot; class=&quot;user-hover&quot; rel=&quot;jack.mulrow&quot;&gt;jack.mulrow&lt;/a&gt; as you suggested, just cache &lt;tt&gt;transientSSLParams&lt;/tt&gt; in &lt;tt&gt;DBClientConnection&lt;/tt&gt;. There does not need to be any interaction with the &lt;tt&gt;authCache&lt;/tt&gt; as these are separate concerns. The &lt;tt&gt;transientSSLParams&lt;/tt&gt; is related to the connection and is not something with login credentials.&lt;/p&gt;

&lt;p&gt;I would also remove the optional parameter from &lt;tt&gt;connect()&lt;/tt&gt; to find any other possible issues related to not calling &lt;tt&gt;connect&lt;/tt&gt; with the right parameters.&lt;/p&gt;</comment>
                            <comment id="3561469" author="jack.mulrow" created="Tue, 12 Jan 2021 23:05:54 +0000"  >&lt;p&gt;I think one way to handle this is to cache the transientSSLParams &lt;a href=&quot;https://github.com/mongodb/mongo/blob/9a32ea06f78c2dd7219506b19d164dcb5e7eaa34/src/mongo/client/dbclient_connection.cpp#L397-L398&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;passed to DBClientConnection::connectSocketOnly()&lt;/a&gt;&#160;(added in &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-52707&quot; title=&quot;[auth] Make tenant migration recipient use x509 certificate to connect to donor&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-52707&quot;&gt;&lt;del&gt;SERVER-52707&lt;/del&gt;&lt;/a&gt;) and use them when &lt;a href=&quot;https://github.com/mongodb/mongo/blob/9a32ea06f78c2dd7219506b19d164dcb5e7eaa34/src/mongo/client/dbclient_connection.cpp#L589&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;reconnecting in DBClientConnection::_checkConnection()&lt;/a&gt;. We can cache them in a new member variable, like what we do with &lt;a href=&quot;https://github.com/mongodb/mongo/blob/9a32ea06f78c2dd7219506b19d164dcb5e7eaa34/src/mongo/client/dbclient_connection.h#L334-L336&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;_serverAddress and _applicationName&lt;/a&gt;. It looks like the authCache map in DBClientConnection should already be &lt;a href=&quot;https://github.com/mongodb/mongo/blob/8d9dd063d94b4f17d1adfa331dfc2c27a4180085/src/mongo/client/dbclient_connection.cpp#L261&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;caching&lt;/a&gt;&#160;and &lt;a href=&quot;https://github.com/mongodb/mongo/blob/8d9dd063d94b4f17d1adfa331dfc2c27a4180085/src/mongo/client/dbclient_connection.cpp#L613-L615&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;reusing&lt;/a&gt;&#160;the x509 auth document &lt;a href=&quot;https://github.com/mongodb/mongo/blob/8d9dd063d94b4f17d1adfa331dfc2c27a4180085/src/mongo/db/repl/tenant_migration_recipient_service.cpp#L297&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;used by the recipient service to auth earlier on&lt;/a&gt;, so I don&apos;t think any work is required for that.&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=spencer.jackson&quot; class=&quot;user-hover&quot; rel=&quot;spencer.jackson&quot;&gt;spencer.jackson&lt;/a&gt; (or &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=mark.benvenuto&quot; class=&quot;user-hover&quot; rel=&quot;mark.benvenuto&quot;&gt;mark.benvenuto&lt;/a&gt;&#160;since you reviewed &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-52707&quot; title=&quot;[auth] Make tenant migration recipient use x509 certificate to connect to donor&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-52707&quot;&gt;&lt;del&gt;SERVER-52707&lt;/del&gt;&lt;/a&gt;), what do you think?&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                                                <inwardlinks description="is depended on by">
                                        <issuelink>
            <issuekey id="1562844">SERVER-53282</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>3.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18555" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname># of Sprints</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2.0</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10011" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Backwards Compatibility</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10038"><![CDATA[Fully Compatible]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 12 Jan 2021 23:05:54 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        3 years, 2 weeks, 2 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_17050" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Downstream Team Attention</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="16941"><![CDATA[Not Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10857" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>PM-1791</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>luke.bonanomi@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            3 years, 2 weeks, 2 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>xgen-internal-githook</customfieldvalue>
            <customfieldvalue>jack.mulrow@mongodb.com</customfieldvalue>
            <customfieldvalue>jason.zhang@mongodb.com</customfieldvalue>
            <customfieldvalue>mark.benvenuto@mongodb.com</customfieldvalue>
            <customfieldvalue>vesselina.ratcheva@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hyp49z:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hy3wb3:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_10557" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="4483">Sharding 2021-01-25</customfieldvalue>
    <customfieldvalue id="4484">Sharding 2021-02-08</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hyoqjb:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>