SERVER-11431 Change clusterAuthMode with setParameter command

1 files changed, 6 insertions, 4 deletions

diff --git a/src/mongo/db/commands/authentication_commands.cpp b/src/mongo/db/commands/authentication_commands.cpp
index faa9b9a511f..2803ebbea08 100644
--- a/src/mongo/db/commands/authentication_commands.cpp
+++ b/src/mongo/db/commands/authentication_commands.cpp
@@ -191,7 +191,8 @@ namespace mongo {
     Status CmdAuthenticate::_authenticateCR(const UserName& user, const BSONObj& cmdObj) {
 
         if (user == internalSecurity.user->getName() &&
-            serverGlobalParams.clusterAuthMode == "x509") {
+            serverGlobalParams.clusterAuthMode.load() == 
+            ServerGlobalParams::ClusterAuthMode_x509) {
             return Status(ErrorCodes::AuthenticationFailed,
                           "Mechanism x509 is required for internal cluster authentication");
         }
@@ -297,10 +298,11 @@ namespace mongo {
 
             fassert(17002, !srvClusterId.empty() && srvClusterId != srvSubjectName);
 
-            // Handle internal cluster member auth, only applies to server-server connections 
+            // Handle internal cluster member auth, only applies to server-server connections
+            int clusterAuthMode = serverGlobalParams.clusterAuthMode.load(); 
             if (srvClusterId == peerClusterId) {
-                if (serverGlobalParams.clusterAuthMode.empty() ||
-                    serverGlobalParams.clusterAuthMode == "keyFile") {
+                if (clusterAuthMode == ServerGlobalParams::ClusterAuthMode_undefined ||
+                    clusterAuthMode == ServerGlobalParams::ClusterAuthMode_keyFile) {
                     return Status(ErrorCodes::AuthenticationFailed, "The provided certificate " 
                                   "can only be used for cluster authentication, not client " 
                                   "authentication. The current configuration does not allow "