SERVER-10946 Fixed user acquisition for $external

2 files changed, 4 insertions, 10 deletions

diff --git a/src/mongo/db/auth/authz_manager_external_state.cpp b/src/mongo/db/auth/authz_manager_external_state.cpp
index c7dd09eb7be..cf2efc69e64 100644
--- a/src/mongo/db/auth/authz_manager_external_state.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state.cpp
@@ -50,15 +50,6 @@ namespace mongo {
 
         StringData dbname = userName.getDB();
 
-        // Make sure the dbname is actually a database
-        if (dbname == StringData("$external", StringData::LiteralTag()) ||
-            dbname == AuthorizationManager::SERVER_RESOURCE_NAME ||
-            dbname == AuthorizationManager::CLUSTER_RESOURCE_NAME) {
-            return Status(ErrorCodes::UserNotFound,
-                          mongoutils::str::stream() << "No privilege documents stored in the " <<
-                          dbname << " user source.");
-        }
-
         if (!NamespaceString::validDBName(dbname)) {
             return Status(ErrorCodes::BadValue,
                           mongoutils::str::stream() << "Bad database name \"" << dbname << "\"");
diff --git a/src/mongo/db/commands/authentication_commands.cpp b/src/mongo/db/commands/authentication_commands.cpp
index 1783dbd319e..d8a9081eb25 100644
--- a/src/mongo/db/commands/authentication_commands.cpp
+++ b/src/mongo/db/commands/authentication_commands.cpp
@@ -283,7 +283,10 @@ namespace mongo {
             }
             // Handle normal client authentication, only applies to client-server connections
             else {
-                authorizationSession->addAndAuthorizeUser(user);
+                Status status = authorizationSession->addAndAuthorizeUser(user);
+                if (!status.isOK()) {
+                    return status;
+                }
             }
             return Status::OK();
         }