<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 02:55:32 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-921] sharding authentication support</title>
                <link>https://jira.mongodb.org/browse/SERVER-921</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;Will use private key for internal communication.&lt;/p&gt;</description>
                <environment></environment>
        <key id="11470">SERVER-921</key>
            <summary>sharding authentication support</summary>
                <type id="2" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14711&amp;avatarType=issuetype">New Feature</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="kristina">Kristina Chodorow</assignee>
                                    <reporter username="eliot">Eliot Horowitz</reporter>
                        <labels>
                    </labels>
                <created>Wed, 10 Mar 2010 06:30:01 +0000</created>
                <updated>Tue, 12 Jul 2016 00:29:52 +0000</updated>
                            <resolved>Wed, 22 Jun 2011 20:46:58 +0000</resolved>
                                                    <fixVersion>1.9.1</fixVersion>
                                    <component>Sharding</component>
                                        <votes>23</votes>
                                    <watches>23</watches>
                                                                                                                <comments>
                            <comment id="72773" author="larry.loi" created="Tue, 13 Dec 2011 16:08:41 +0000"  >&lt;p&gt;the attached log is which crashed shard server log file.&lt;/p&gt;</comment>
                            <comment id="72766" author="larry.loi" created="Tue, 13 Dec 2011 15:57:42 +0000"  >&lt;p&gt;got a kinda message like that&lt;br/&gt;
Tue Dec 13 22:17:54 &lt;span class=&quot;error&quot;&gt;&amp;#91;conn5&amp;#93;&lt;/span&gt; ERROR: Uncaught std::exception: could not initialize cursor across all shards because : unauthorized db:XXXX&lt;/p&gt;</comment>
                            <comment id="72765" author="kristina" created="Tue, 13 Dec 2011 15:56:54 +0000"  >&lt;p&gt;@larry.loi: please create a new bug and attach your mongod log from the crash.&lt;/p&gt;</comment>
                            <comment id="72764" author="kristina" created="Tue, 13 Dec 2011 15:56:53 +0000"  >&lt;p&gt;@larry.loi: please create a new bug and attach your mongod log from the crash.&lt;/p&gt;</comment>
                            <comment id="72763" author="larry.loi" created="Tue, 13 Dec 2011 15:55:27 +0000"  >&lt;p&gt;if disable authentication, map reduce will running fine.&lt;/p&gt;</comment>
                            <comment id="72761" author="larry.loi" created="Tue, 13 Dec 2011 15:54:27 +0000"  >&lt;p&gt;I am running 2.0.1, my shard servers environment is working fine in general operations like insert, update, select delete etc. but it would crash the primary shard of a database if I running map reduce.&lt;/p&gt;</comment>
                            <comment id="39665" author="kristina" created="Wed, 29 Jun 2011 03:07:13 +0000"  >&lt;p&gt;No, it will be available in 2.0.&lt;/p&gt;</comment>
                            <comment id="39657" author="vesafb" created="Wed, 29 Jun 2011 01:37:45 +0000"  >&lt;p&gt;Will this fix be backported to 1.8.x?&lt;/p&gt;</comment>
                            <comment id="38816" author="kristina" created="Wed, 22 Jun 2011 20:46:58 +0000"  >&lt;p&gt;See documentation at: &lt;a href=&quot;http://www.mongodb.org/display/DOCS/Security+and+Authentication#SecurityandAuthentication-ReplicaSetandShardingAuthentication&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://www.mongodb.org/display/DOCS/Security+and+Authentication#SecurityandAuthentication-ReplicaSetandShardingAuthentication&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="38792" author="auto" created="Wed, 22 Jun 2011 18:22:50 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;login&apos;: u&apos;kchodorow&apos;, u&apos;name&apos;: u&apos;Kristina&apos;, u&apos;email&apos;: u&apos;kristina@10gen.com&apos;}
&lt;p&gt;Message: add auth support &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-921&quot; title=&quot;sharding authentication support&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-921&quot;&gt;&lt;del&gt;SERVER-921&lt;/del&gt;&lt;/a&gt;&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/9e5a8a53d334082015e66274aa87f39a3b52c59a&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/9e5a8a53d334082015e66274aa87f39a3b52c59a&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="38791" author="auto" created="Wed, 22 Jun 2011 18:22:47 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;login&apos;: u&apos;kchodorow&apos;, u&apos;name&apos;: u&apos;Kristina&apos;, u&apos;email&apos;: u&apos;kristina@10gen.com&apos;}
&lt;p&gt;Message: move runAgainstRegistered to sharding &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-921&quot; title=&quot;sharding authentication support&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-921&quot;&gt;&lt;del&gt;SERVER-921&lt;/del&gt;&lt;/a&gt;&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/09d1825d7f599724739ee712c8b91bfb566ea607&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/09d1825d7f599724739ee712c8b91bfb566ea607&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="38790" author="auto" created="Wed, 22 Jun 2011 18:22:46 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;login&apos;: u&apos;kchodorow&apos;, u&apos;name&apos;: u&apos;Kristina&apos;, u&apos;email&apos;: u&apos;kristina@10gen.com&apos;}
&lt;p&gt;Message: split security into s-only, d-only, and common &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-921&quot; title=&quot;sharding authentication support&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-921&quot;&gt;&lt;del&gt;SERVER-921&lt;/del&gt;&lt;/a&gt;&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/67945f8b00d6e3cad4eaace5ee8f3cd9a6a71dde&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/67945f8b00d6e3cad4eaace5ee8f3cd9a6a71dde&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="38767" author="auto" created="Wed, 22 Jun 2011 16:53:15 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;login&apos;: u&apos;kchodorow&apos;, u&apos;name&apos;: u&apos;Kristina&apos;, u&apos;email&apos;: u&apos;kristina@10gen.com&apos;}
&lt;p&gt;Message: add auth method for config server connections &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-921&quot; title=&quot;sharding authentication support&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-921&quot;&gt;&lt;del&gt;SERVER-921&lt;/del&gt;&lt;/a&gt;&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/d9cec7a4805364b5266a6fed914958998fc0d9b7&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/d9cec7a4805364b5266a6fed914958998fc0d9b7&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="34332" author="kristina" created="Wed, 25 May 2011 14:53:59 +0000"  >&lt;p&gt;This will be for client authentication and authentication between the various cluster components.  It will be very similar to how replica set authentication is working currently (&lt;a href=&quot;http://www.mongodb.org/display/DOCS/Replica+Set+Authentication&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://www.mongodb.org/display/DOCS/Replica+Set+Authentication&lt;/a&gt;).  &lt;/p&gt;

&lt;p&gt;mongos&apos; only responsibility will be tracking which connections are authenticated.&lt;/p&gt;

&lt;p&gt;If a db only exists on one shard, theoretically the user only exists on that shard.  As soon as the db migrates chunks, the user will exist on the other shards.  This will be completely irrelevant to clients, you will interact with mongos exactly the same way you would with a single server running --auth.&lt;/p&gt;</comment>
                            <comment id="34324" author="rasitha1" created="Wed, 25 May 2011 14:34:03 +0000"  >&lt;p&gt;Just to be clear, will this provide client authentication connecting to mongos? Or is this only for authenticating between mongod, configsrv &amp;amp; mongos?&lt;/p&gt;

&lt;p&gt;Do we have any ideas on how this will be implemented? Since users are defined in each database, I&apos;d think it doesn&apos;t make much sense for mongos to do authentication. It should instead pass credentials to the shard or shards when reading/writing data and the shard(s) will take care of authenticating the user. &lt;/p&gt;

&lt;p&gt;Can there be a situation where a user exists on one shard and not on the other? If yes, is that valid? I&apos;d think if you setup a sharding cluster, mongos should take care of adding a user where it will create the user in all shards where the database is present. When a database/collection gets sharded for the first time, it should also copy users to the new shard. If this the right approach, mongod should reject manual user creations when used in a sharded environment (similar to how a primary works within a replica set).&lt;/p&gt;

&lt;p&gt;Thoughts?&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                            <outwardlinks description="depends on">
                                        <issuelink>
            <issuekey id="12523">SERVER-1469</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="is depended on by">
                                                        </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                            <outwardlinks description="related to">
                                                        </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                            <attachment id="14110" name="map_reduce_test.rb" size="1730" author="larry.loi" created="Wed, 14 Dec 2011 02:45:42 +0000"/>
                            <attachment id="14096" name="shardsvr2.zip" size="274092" author="larry.loi" created="Tue, 13 Dec 2011 16:08:41 +0000"/>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>15.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Wed, 25 May 2011 14:34:03 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        12 years, 10 weeks, 1 day ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[<s><a href='https://jira.mongodb.org/browse/SERVER-1469'>SERVER-1469</a></s>]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>ramon.fernandez@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            12 years, 10 weeks, 1 day ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>auto</customfieldvalue>
            <customfieldvalue>eliot</customfieldvalue>
            <customfieldvalue>vesafb</customfieldvalue>
            <customfieldvalue>kristina</customfieldvalue>
            <customfieldvalue>larry.loi</customfieldvalue>
            <customfieldvalue>rasitha1</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrpovb:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hrinuv:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>22517</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|ht0e5j:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>