summaryrefslogtreecommitdiff
path: root/src/mongo/db/initialize_operation_session_info.cpp
diff options
context:
space:
mode:
authorRandolph Tan <randolph@10gen.com>2019-01-28 17:00:20 -0500
committerRandolph Tan <randolph@10gen.com>2019-01-31 14:57:49 -0500
commit8d23154ed3e086213c5bd59b3e2fcba96a3cca41 (patch)
tree1a484f25516da69248d48283890f1a9c7c731263 /src/mongo/db/initialize_operation_session_info.cpp
parentc15a40aa4eaee67e060ac63256998232deb97c38 (diff)
downloadmongo-8d23154ed3e086213c5bd59b3e2fcba96a3cca41.tar.gz
SERVER-39232 Allow commands that do not require auth to refresh sessions
Diffstat (limited to 'src/mongo/db/initialize_operation_session_info.cpp')
-rw-r--r--src/mongo/db/initialize_operation_session_info.cpp14
1 files changed, 9 insertions, 5 deletions
diff --git a/src/mongo/db/initialize_operation_session_info.cpp b/src/mongo/db/initialize_operation_session_info.cpp
index e513126f173..b48027bc130 100644
--- a/src/mongo/db/initialize_operation_session_info.cpp
+++ b/src/mongo/db/initialize_operation_session_info.cpp
@@ -60,16 +60,20 @@ OperationSessionInfoFromClient initializeOperationSessionInfo(OperationContext*
!osi.getAutocommit());
uassert(
50889, "It is illegal to provide a txnNumber for this command", !osi.getTxnNumber());
- return {};
}
- {
+ if (auto authSession = AuthorizationSession::get(opCtx->getClient())) {
// If we're using the localhost bypass, and the client hasn't authenticated,
// logical sessions are disabled. A client may authenticate as the __sytem user,
// or as an externally authorized user.
- AuthorizationSession* authSession = AuthorizationSession::get(opCtx->getClient());
- if (authSession && authSession->isUsingLocalhostBypass() &&
- !authSession->isAuthenticated()) {
+ if (authSession->isUsingLocalhostBypass() && !authSession->isAuthenticated()) {
+ return {};
+ }
+
+ // Do not initialize lsid when auth is enabled and no user is logged in since
+ // there is no sensible uid that can be assigned to it.
+ if (AuthorizationManager::get(opCtx->getServiceContext())->isAuthEnabled() &&
+ !authSession->isAuthenticated() && !requiresAuth) {
return {};
}
}
View Lorry Controller Status