SERVER-37563 Remove all usages of getGlobalAuthorizationManager

author: Kaloian Manassiev <kaloian.manassiev@mongodb.com> 2018-10-11 08:09:52 -0400
committer: Kaloian Manassiev <kaloian.manassiev@mongodb.com> 2018-10-12 07:10:58 -0400
commit: ae2b60fce624cd9f4a95037316033b53846be176 (patch)
tree: 8cc0df2f5645baa710dd135c071f65b558c02320 /src
parent: 849c85561e065598813d6a702ce132f494380eed (diff)
download: mongo-ae2b60fce624cd9f4a95037316033b53846be176.tar.gz
72 files changed, 104 insertions, 250 deletions
diff --git a/src/mongo/client/async_client.cpp b/src/mongo/client/async_client.cpp
index f44afdf212e..92ebd846cbc 100644
--- a/src/mongo/client/async_client.cpp
+++ b/src/mongo/client/async_client.cpp
@@ -35,9 +35,9 @@
 #include "mongo/bson/bsonobjbuilder.h"
 #include "mongo/client/authenticate.h"
 #include "mongo/config.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/internal_user_auth.h"
 #include "mongo/db/commands/test_commands_enabled.h"
+#include "mongo/db/server_options.h"
 #include "mongo/db/wire_version.h"
 #include "mongo/executor/egress_tag_closer_manager.h"
 #include "mongo/rpc/factory.h"
diff --git a/src/mongo/client/connection_pool.cpp b/src/mongo/client/connection_pool.cpp
index 703099e746e..ce9cc05030a 100644
--- a/src/mongo/client/connection_pool.cpp
+++ b/src/mongo/client/connection_pool.cpp
@@ -32,7 +32,6 @@
 
 #include "mongo/client/connpool.h"
 #include "mongo/client/mongo_uri.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/internal_user_auth.h"
 #include "mongo/executor/network_connection_hook.h"
 #include "mongo/executor/remote_command_request.h"
diff --git a/src/mongo/client/native_sasl_client_session.cpp b/src/mongo/client/native_sasl_client_session.cpp
index afa5073069b..d5c15226607 100644
--- a/src/mongo/client/native_sasl_client_session.cpp
+++ b/src/mongo/client/native_sasl_client_session.cpp
@@ -1,4 +1,5 @@
-/*    Copyright 2014 MongoDB Inc.
+/**
+ *   Copyright 2014 MongoDB Inc.
  *
  *    This program is free software: you can redistribute it and/or  modify
  *    it under the terms of the GNU Affero General Public License, version 3,
@@ -34,6 +35,8 @@
 #include "mongo/client/sasl_plain_client_conversation.h"
 #include "mongo/client/sasl_scram_client_conversation.h"
 #include "mongo/client/scram_client_cache.h"
+#include "mongo/crypto/sha1_block.h"
+#include "mongo/crypto/sha256_block.h"
 #include "mongo/util/mongoutils/str.h"
 
 namespace mongo {
diff --git a/src/mongo/crypto/mechanism_scram.h b/src/mongo/crypto/mechanism_scram.h
index 8ff6d488c06..87123351965 100644
--- a/src/mongo/crypto/mechanism_scram.h
+++ b/src/mongo/crypto/mechanism_scram.h
@@ -36,7 +36,6 @@
 #include "mongo/base/secure_allocator.h"
 #include "mongo/base/status.h"
 #include "mongo/crypto/sha1_block.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/jsobj.h"
 #include "mongo/platform/random.h"
 #include "mongo/util/assert_util.h"
diff --git a/src/mongo/db/auth/authorization_manager_global.cpp b/src/mongo/db/auth/authorization_manager_global.cpp
index 0088ac451d5..e024fc64e3b 100644
--- a/src/mongo/db/auth/authorization_manager_global.cpp
+++ b/src/mongo/db/auth/authorization_manager_global.cpp
@@ -31,9 +31,8 @@
 #include "mongo/base/disallow_copying.h"
 #include "mongo/base/init.h"
 #include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
-#include "mongo/db/auth/authorization_manager_impl.h"
 #include "mongo/db/auth/authz_manager_external_state.h"
+#include "mongo/db/operation_context.h"
 #include "mongo/db/server_options.h"
 #include "mongo/db/server_parameters.h"
 #include "mongo/db/service_context.h"
@@ -42,6 +41,9 @@
 
 namespace mongo {
 namespace {
+
+const std::string kAuthSchemaVersionServerParameter = "authSchemaVersion";
+
 class AuthzVersionParameter : public ServerParameter {
     MONGO_DISALLOW_COPYING(AuthzVersionParameter);
 
@@ -56,7 +58,7 @@ MONGO_INITIALIZER_GENERAL(AuthzSchemaParameter,
                           MONGO_NO_PREREQUISITES,
                           ("BeginStartupOptionParsing"))
 (InitializerContext*) {
-    new AuthzVersionParameter(ServerParameterSet::getGlobal(), authSchemaVersionServerParameter);
+    new AuthzVersionParameter(ServerParameterSet::getGlobal(), kAuthSchemaVersionServerParameter);
     return Status::OK();
 }
 
@@ -67,7 +69,8 @@ void AuthzVersionParameter::append(OperationContext* opCtx,
                                    BSONObjBuilder& b,
                                    const std::string& name) {
     int authzVersion;
-    uassertStatusOK(getGlobalAuthorizationManager()->getAuthorizationVersion(opCtx, &authzVersion));
+    uassertStatusOK(AuthorizationManager::get(opCtx->getServiceContext())
+                        ->getAuthorizationVersion(opCtx, &authzVersion));
     b.append(name, authzVersion);
 }
 
@@ -81,14 +84,6 @@ Status AuthzVersionParameter::setFromString(const std::string& newValueString) {
 
 }  // namespace
 
-const std::string authSchemaVersionServerParameter = "authSchemaVersion";
-
-AuthorizationManager* getGlobalAuthorizationManager() {
-    AuthorizationManager* globalAuthManager = AuthorizationManager::get(getGlobalServiceContext());
-    fassert(16842, globalAuthManager != nullptr);
-    return globalAuthManager;
-}
-
 MONGO_EXPORT_STARTUP_SERVER_PARAMETER(startupAuthSchemaValidation, bool, true);
 
 ServiceContext::ConstructorActionRegisterer createAuthorizationManager(
@@ -103,4 +98,5 @@ ServiceContext::ConstructorActionRegisterer createAuthorizationManager(
         authzManager->setShouldValidateAuthSchemaOnStartup(startupAuthSchemaValidation);
         AuthorizationManager::set(service, std::move(authzManager));
     });
+
 }  // namespace mongo
diff --git a/src/mongo/db/auth/authorization_manager_global.h b/src/mongo/db/auth/authorization_manager_global.h
deleted file mode 100644
index 3e6e936e520..00000000000
--- a/src/mongo/db/auth/authorization_manager_global.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
-*    Copyright (C) 2013 10gen Inc.
-*
-*    This program is free software: you can redistribute it and/or  modify
-*    it under the terms of the GNU Affero General Public License, version 3,
-*    as published by the Free Software Foundation.
-*
-*    This program is distributed in the hope that it will be useful,
-*    but WITHOUT ANY WARRANTY; without even the implied warranty of
-*    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-*    GNU Affero General Public License for more details.
-*
-*    You should have received a copy of the GNU Affero General Public License
-*    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*
-*    As a special exception, the copyright holders give permission to link the
-*    code of portions of this program with the OpenSSL library under certain
-*    conditions as described in each individual source file and distribute
-*    linked combinations including the program with the OpenSSL library. You
-*    must comply with the GNU Affero General Public License in all respects for
-*    all of the code used other than as permitted herein. If you modify file(s)
-*    with this exception, you may extend this exception to your version of the
-*    file(s), but you are not obligated to do so. If you do not wish to do so,
-*    delete this exception statement from your version. If you delete this
-*    exception statement from all source files in the program, then also delete
-*    it in the license file.
-*/
-
-#pragma once
-
-#include "mongo/db/auth/authorization_manager.h"
-
-namespace mongo {
-
-/**
- * Name of the server parameter used to report the auth schema version (via getParameter).
- */
-extern const std::string authSchemaVersionServerParameter;
-
-// Gets the singleton AuthorizationManager object for this server process.
-AuthorizationManager* getGlobalAuthorizationManager();
-
-}  // namespace mongo
diff --git a/src/mongo/db/auth/authorization_session.cpp b/src/mongo/db/auth/authorization_session.cpp
index 6965c5c9809..9dc2c22003e 100644
--- a/src/mongo/db/auth/authorization_session.cpp
+++ b/src/mongo/db/auth/authorization_session.cpp
@@ -38,7 +38,6 @@
 #include "mongo/base/status.h"
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authz_session_external_state.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/auth/restriction_environment.h"
diff --git a/src/mongo/db/auth/authorization_session_impl.cpp b/src/mongo/db/auth/authorization_session_impl.cpp
index 7ef744aef6e..e0f304ec197 100644
--- a/src/mongo/db/auth/authorization_session_impl.cpp
+++ b/src/mongo/db/auth/authorization_session_impl.cpp
@@ -38,7 +38,6 @@
 #include "mongo/base/status.h"
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authz_session_external_state.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/auth/restriction_environment.h"
diff --git a/src/mongo/db/auth/authorization_session_impl.h b/src/mongo/db/auth/authorization_session_impl.h
index b0b6bb731d3..e28d7d1b34a 100644
--- a/src/mongo/db/auth/authorization_session_impl.h
+++ b/src/mongo/db/auth/authorization_session_impl.h
@@ -28,8 +28,6 @@
 
 #pragma once
 
-#include "authorization_session.h"
-
 #include <memory>
 #include <string>
 #include <vector>
@@ -38,7 +36,7 @@
 #include "mongo/base/status.h"
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
+#include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/authz_session_external_state.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/auth/user_name.h"
@@ -48,9 +46,9 @@
 namespace mongo {
 
 namespace auth {
-
 struct CreateOrUpdateRoleArgs;
 }
+
 class Client;
 
 /**
diff --git a/src/mongo/db/auth/authorization_session_test.cpp b/src/mongo/db/auth/authorization_session_test.cpp
index 4ae564a3518..af175eec063 100644
--- a/src/mongo/db/auth/authorization_session_test.cpp
+++ b/src/mongo/db/auth/authorization_session_test.cpp
@@ -36,7 +36,6 @@
 #include "mongo/crypto/sha1_block.h"
 #include "mongo/crypto/sha256_block.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_manager_impl.h"
 #include "mongo/db/auth/authorization_session_for_test.h"
 #include "mongo/db/auth/authz_manager_external_state_mock.h"
diff --git a/src/mongo/db/auth/authz_manager_external_state_d.cpp b/src/mongo/db/auth/authz_manager_external_state_d.cpp
index 2c5b4a307bb..ed784bfef10 100644
--- a/src/mongo/db/auth/authz_manager_external_state_d.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_d.cpp
@@ -33,7 +33,6 @@
 #include "mongo/db/auth/authz_manager_external_state_d.h"
 
 #include "mongo/base/status.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authz_session_external_state_d.h"
 #include "mongo/db/auth/user_name.h"
 #include "mongo/db/client.h"
diff --git a/src/mongo/db/auth/authz_manager_external_state_local.cpp b/src/mongo/db/auth/authz_manager_external_state_local.cpp
index 4da06238437..4a18de24aa7 100644
--- a/src/mongo/db/auth/authz_manager_external_state_local.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_local.cpp
@@ -28,6 +28,8 @@
 
 #define MONGO_LOG_DEFAULT_COMPONENT ::mongo::logger::LogComponent::kAccessControl
 
+#include "mongo/platform/basic.h"
+
 #include "mongo/db/auth/authz_manager_external_state_local.h"
 
 #include "mongo/base/status.h"
@@ -35,7 +37,6 @@
 #include "mongo/bson/mutable/document.h"
 #include "mongo/bson/mutable/element.h"
 #include "mongo/bson/util/bson_extract.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/privilege_parser.h"
 #include "mongo/db/auth/user_document_parser.h"
 #include "mongo/db/operation_context.h"
diff --git a/src/mongo/db/auth/authz_manager_external_state_mock.cpp b/src/mongo/db/auth/authz_manager_external_state_mock.cpp
index 62c8c9fae74..28ac97b4393 100644
--- a/src/mongo/db/auth/authz_manager_external_state_mock.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_mock.cpp
@@ -26,6 +26,8 @@
 *    it in the license file.
 */
 
+#include "mongo/platform/basic.h"
+
 #include "mongo/db/auth/authz_manager_external_state_mock.h"
 
 #include <string>
@@ -34,7 +36,6 @@
 #include "mongo/bson/mutable/algorithm.h"
 #include "mongo/bson/mutable/document.h"
 #include "mongo/bson/mutable/element.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authz_session_external_state_mock.h"
 #include "mongo/db/auth/privilege_parser.h"
 #include "mongo/db/jsobj.h"
diff --git a/src/mongo/db/auth/authz_manager_external_state_s.cpp b/src/mongo/db/auth/authz_manager_external_state_s.cpp
index 00826a064a9..3b563b5947d 100644
--- a/src/mongo/db/auth/authz_manager_external_state_s.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_s.cpp
@@ -35,8 +35,6 @@
 #include <string>
 #include <vector>
 
-#include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/authz_session_external_state_s.h"
 #include "mongo/db/auth/user_document_parser.h"
 #include "mongo/db/auth/user_management_commands_parser.h"
@@ -101,11 +99,9 @@ AuthzManagerExternalStateMongos::makeAuthzSessionExternalState(AuthorizationMana
 
 Status AuthzManagerExternalStateMongos::getStoredAuthorizationVersion(OperationContext* opCtx,
                                                                       int* outVersion) {
-    // Note: we are treating
-    // { 'getParameter' : 1, <authSchemaVersionServerParameter> : 1 }
-    // as a user management command since this is the *only* part of mongos
-    // that runs this command
-    BSONObj getParameterCmd = BSON("getParameter" << 1 << authSchemaVersionServerParameter << 1);
+    // NOTE: We are treating the command "{ 'getParameter' : 1, 'authSchemaVersion' : 1 }" as a user
+    // management command since this is the *only* part of mongos that runs this command.
+    BSONObj getParameterCmd = BSON("getParameter" << 1 << "authSchemaVersion" << 1);
     BSONObjBuilder builder;
     const bool ok = Grid::get(opCtx)->catalogClient()->runUserManagementReadCommand(
         opCtx, "admin", getParameterCmd, &builder);
@@ -114,7 +110,7 @@ Status AuthzManagerExternalStateMongos::getStoredAuthorizationVersion(OperationC
         return getStatusFromCommandResult(cmdResult);
     }
 
-    BSONElement versionElement = cmdResult[authSchemaVersionServerParameter];
+    BSONElement versionElement = cmdResult["authSchemaVersion"];
     if (versionElement.eoo()) {
         return Status(ErrorCodes::UnknownError, "getParameter misbehaved.");
     }
diff --git a/src/mongo/db/auth/authz_manager_external_state_s.h b/src/mongo/db/auth/authz_manager_external_state_s.h
index 8d06602b7a5..2a4666d0c33 100644
--- a/src/mongo/db/auth/authz_manager_external_state_s.h
+++ b/src/mongo/db/auth/authz_manager_external_state_s.h
@@ -33,13 +33,11 @@
 
 #include "mongo/base/disallow_copying.h"
 #include "mongo/base/status.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authz_manager_external_state.h"
 #include "mongo/db/auth/privilege_format.h"
 #include "mongo/db/auth/user_name.h"
 #include "mongo/stdx/functional.h"
 
-
 namespace mongo {
 
 /**
diff --git a/src/mongo/db/auth/authz_session_external_state.cpp b/src/mongo/db/auth/authz_session_external_state.cpp
index f9ca8fe2d02..4d4f61b15c2 100644
--- a/src/mongo/db/auth/authz_session_external_state.cpp
+++ b/src/mongo/db/auth/authz_session_external_state.cpp
@@ -31,7 +31,6 @@
 #include "mongo/db/auth/authz_session_external_state.h"
 
 #include "mongo/base/status.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/namespace_string.h"
 
 namespace mongo {
diff --git a/src/mongo/db/auth/authz_session_external_state_d.cpp b/src/mongo/db/auth/authz_session_external_state_d.cpp
index 0b6fd980469..3120864eb34 100644
--- a/src/mongo/db/auth/authz_session_external_state_d.cpp
+++ b/src/mongo/db/auth/authz_session_external_state_d.cpp
@@ -26,10 +26,11 @@
 *    it in the license file.
 */
 
+#include "mongo/platform/basic.h"
+
 #include "mongo/db/auth/authz_session_external_state_d.h"
 
 #include "mongo/base/status.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/client.h"
 #include "mongo/db/jsobj.h"
 #include "mongo/db/operation_context.h"
@@ -37,7 +38,6 @@
 #include "mongo/scripting/engine.h"
 #include "mongo/util/assert_util.h"
 
-
 namespace mongo {
 
 AuthzSessionExternalStateMongod::AuthzSessionExternalStateMongod(AuthorizationManager* authzManager)
diff --git a/src/mongo/db/auth/authz_session_external_state_d.h b/src/mongo/db/auth/authz_session_external_state_d.h
index dd861ac0dcc..9aa6a64d3c6 100644
--- a/src/mongo/db/auth/authz_session_external_state_d.h
+++ b/src/mongo/db/auth/authz_session_external_state_d.h
@@ -30,7 +30,6 @@
 
 #include "mongo/base/disallow_copying.h"
 #include "mongo/base/status.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authz_session_external_state_server_common.h"
 
 namespace mongo {
diff --git a/src/mongo/db/auth/authz_session_external_state_mock.h b/src/mongo/db/auth/authz_session_external_state_mock.h
index 0713d18f6dd..f247b4ebf4e 100644
--- a/src/mongo/db/auth/authz_session_external_state_mock.h
+++ b/src/mongo/db/auth/authz_session_external_state_mock.h
@@ -30,7 +30,6 @@
 
 #include "mongo/base/disallow_copying.h"
 #include "mongo/base/status.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authz_session_external_state.h"
 
 namespace mongo {
diff --git a/src/mongo/db/auth/authz_session_external_state_s.cpp b/src/mongo/db/auth/authz_session_external_state_s.cpp
index acfebe8aaa9..c24beecf891 100644
--- a/src/mongo/db/auth/authz_session_external_state_s.cpp
+++ b/src/mongo/db/auth/authz_session_external_state_s.cpp
@@ -26,12 +26,13 @@
 *    it in the license file.
 */
 
+#include "mongo/platform/basic.h"
+
 #include "mongo/db/auth/authz_session_external_state_s.h"
 
 #include <string>
 
 #include "mongo/base/status.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/jsobj.h"
 #include "mongo/s/grid.h"
 
diff --git a/src/mongo/db/auth/authz_session_external_state_s.h b/src/mongo/db/auth/authz_session_external_state_s.h
index d8a4f81164e..76084fe2b1b 100644
--- a/src/mongo/db/auth/authz_session_external_state_s.h
+++ b/src/mongo/db/auth/authz_session_external_state_s.h
@@ -30,7 +30,6 @@
 
 #include "mongo/base/disallow_copying.h"
 #include "mongo/base/status.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authz_session_external_state_server_common.h"
 
 namespace mongo {
diff --git a/src/mongo/db/auth/authz_session_external_state_server_common.cpp b/src/mongo/db/auth/authz_session_external_state_server_common.cpp
index 24d3b8ceecc..5cb27ae0cd9 100644
--- a/src/mongo/db/auth/authz_session_external_state_server_common.cpp
+++ b/src/mongo/db/auth/authz_session_external_state_server_common.cpp
@@ -35,7 +35,6 @@
 #include <mutex>
 
 #include "mongo/base/status.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/client.h"
 #include "mongo/db/server_parameters.h"
 #include "mongo/util/debug_util.h"
diff --git a/src/mongo/db/auth/authz_session_external_state_server_common.h b/src/mongo/db/auth/authz_session_external_state_server_common.h
index d46c78413ba..7594239b62f 100644
--- a/src/mongo/db/auth/authz_session_external_state_server_common.h
+++ b/src/mongo/db/auth/authz_session_external_state_server_common.h
@@ -30,7 +30,6 @@
 
 #include "mongo/base/disallow_copying.h"
 #include "mongo/base/status.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authz_session_external_state.h"
 
 namespace mongo {
diff --git a/src/mongo/db/cloner.cpp b/src/mongo/db/cloner.cpp
index 76c4e2e0a5a..9345088843a 100644
--- a/src/mongo/db/cloner.cpp
+++ b/src/mongo/db/cloner.cpp
@@ -36,8 +36,6 @@
 #include "mongo/bson/unordered_fields_bsonobj_comparator.h"
 #include "mongo/bson/util/bson_extract.h"
 #include "mongo/bson/util/builder.h"
-#include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/internal_user_auth.h"
 #include "mongo/db/catalog/collection.h"
 #include "mongo/db/catalog/collection_catalog_entry.h"
diff --git a/src/mongo/db/commands/apply_ops_cmd.cpp b/src/mongo/db/commands/apply_ops_cmd.cpp
index b6dabaabe58..da7f16f886e 100644
--- a/src/mongo/db/commands/apply_ops_cmd.cpp
+++ b/src/mongo/db/commands/apply_ops_cmd.cpp
@@ -34,8 +34,6 @@
 
 #include "mongo/bson/util/bson_check.h"
 #include "mongo/bson/util/bson_extract.h"
-#include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/catalog/document_validation.h"
 #include "mongo/db/catalog/uuid_catalog.h"
diff --git a/src/mongo/db/commands/cpuprofile.cpp b/src/mongo/db/commands/cpuprofile.cpp
index df7dbeb537e..07a132cea26 100644
--- a/src/mongo/db/commands/cpuprofile.cpp
+++ b/src/mongo/db/commands/cpuprofile.cpp
@@ -47,6 +47,8 @@
  *     scons --release --use-cpu-profiler
  */
 
+#include "mongo/platform/basic.h"
+
 #include "gperftools/profiler.h"
 
 #include <string>
@@ -54,7 +56,6 @@
 
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/client.h"
 #include "mongo/db/commands.h"
@@ -62,7 +63,6 @@
 #include "mongo/db/jsobj.h"
 
 namespace mongo {
-
 namespace {
 
 /**
diff --git a/src/mongo/db/commands/dbcommands.cpp b/src/mongo/db/commands/dbcommands.cpp
index 542f7bc5bf7..1b55dae5dda 100644
--- a/src/mongo/db/commands/dbcommands.cpp
+++ b/src/mongo/db/commands/dbcommands.cpp
@@ -40,7 +40,6 @@
 #include "mongo/db/audit.h"
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/auth/user_management_commands_parser.h"
diff --git a/src/mongo/db/commands/dbcommands_d.cpp b/src/mongo/db/commands/dbcommands_d.cpp
index 29452ea8c1a..28401a02611 100644
--- a/src/mongo/db/commands/dbcommands_d.cpp
+++ b/src/mongo/db/commands/dbcommands_d.cpp
@@ -40,7 +40,6 @@
 #include "mongo/db/audit.h"
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/auth/user_management_commands_parser.h"
diff --git a/src/mongo/db/commands/do_txn_cmd.cpp b/src/mongo/db/commands/do_txn_cmd.cpp
index e71036dab00..74c18347e97 100644
--- a/src/mongo/db/commands/do_txn_cmd.cpp
+++ b/src/mongo/db/commands/do_txn_cmd.cpp
@@ -34,8 +34,6 @@
 
 #include "mongo/bson/util/bson_check.h"
 #include "mongo/bson/util/bson_extract.h"
-#include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/catalog/document_validation.h"
 #include "mongo/db/catalog/uuid_catalog.h"
diff --git a/src/mongo/db/commands/fsync.cpp b/src/mongo/db/commands/fsync.cpp
index 7f68ba2cecd..b33b065dc85 100644
--- a/src/mongo/db/commands/fsync.cpp
+++ b/src/mongo/db/commands/fsync.cpp
@@ -38,7 +38,6 @@
 #include "mongo/bson/bsonobjbuilder.h"
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/client.h"
diff --git a/src/mongo/db/commands/resize_oplog.cpp b/src/mongo/db/commands/resize_oplog.cpp
index d743e57cac3..744779b490b 100644
--- a/src/mongo/db/commands/resize_oplog.cpp
+++ b/src/mongo/db/commands/resize_oplog.cpp
@@ -32,8 +32,6 @@
 
 #include <string>
 
-#include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/catalog/collection.h"
 #include "mongo/db/catalog/collection_catalog_entry.h"
@@ -46,9 +44,7 @@
 #include "mongo/util/scopeguard.h"
 
 namespace mongo {
-
-using std::string;
-using std::stringstream;
+namespace {
 
 class CmdReplSetResizeOplog : public BasicCommand {
 public:
@@ -82,7 +78,7 @@ public:
     }
 
     bool run(OperationContext* opCtx,
-             const string& dbname,
+             const std::string& dbname,
              const BSONObj& jsobj,
              BSONObjBuilder& result) {
         const NamespaceString nss("local", "oplog.rs");
@@ -116,5 +112,8 @@ public:
         LOG(0) << "replSetResizeOplog success, currentSize:" << size;
         return true;
     }
+
 } cmdReplSetResizeOplog;
-}
+
+}  // namespace
+}  // namespace mongo
diff --git a/src/mongo/db/commands/touch.cpp b/src/mongo/db/commands/touch.cpp
index 4a2d1a7bc5f..f9a50a75fd1 100644
--- a/src/mongo/db/commands/touch.cpp
+++ b/src/mongo/db/commands/touch.cpp
@@ -37,7 +37,6 @@
 
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/catalog/collection.h"
 #include "mongo/db/catalog/database.h"
@@ -49,9 +48,7 @@
 #include "mongo/util/timer.h"
 
 namespace mongo {
-
-using std::string;
-using std::stringstream;
+namespace {
 
 class TouchCmd : public ErrmsgCommandDeprecated {
 public:
@@ -83,9 +80,9 @@ public:
     TouchCmd() : ErrmsgCommandDeprecated("touch") {}
 
     virtual bool errmsgRun(OperationContext* opCtx,
-                           const string& dbname,
+                           const std::string& dbname,
                            const BSONObj& cmdObj,
-                           string& errmsg,
+                           std::string& errmsg,
                            BSONObjBuilder& result) {
         const NamespaceString nss = CommandHelpers::parseNsCollectionRequired(dbname, cmdObj);
         if (!nss.isNormal()) {
@@ -112,6 +109,8 @@ public:
         uassertStatusOK(collection->touch(opCtx, touch_data, touch_indexes, &result));
         return true;
     }
-};
-static TouchCmd touchCmd;
-}
+
+} touchCmd;
+
+}  // namespace
+}  // namespace mongo
diff --git a/src/mongo/db/commands/user_management_commands.cpp b/src/mongo/db/commands/user_management_commands.cpp
index 7f1d12cc6de..7ccdfcc8364 100644
--- a/src/mongo/db/commands/user_management_commands.cpp
+++ b/src/mongo/db/commands/user_management_commands.cpp
@@ -47,7 +47,6 @@
 #include "mongo/db/auth/action_type.h"
 #include "mongo/db/auth/address_restriction.h"
 #include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/auth/privilege_parser.h"
@@ -2350,7 +2349,7 @@ public:
              const string& dbname,
              const BSONObj& cmdObj,
              BSONObjBuilder& result) {
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
+        AuthorizationManager* authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         auto lk = requireReadableAuthSchema26Upgrade(opCtx, authzManager);
         authzManager->invalidateUserCache(opCtx);
         return true;
@@ -2388,7 +2387,7 @@ public:
              const string& dbname,
              const BSONObj& cmdObj,
              BSONObjBuilder& result) {
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
+        AuthorizationManager* authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         result.append("cacheGeneration", authzManager->getCacheGeneration());
         return true;
     }
diff --git a/src/mongo/db/db.cpp b/src/mongo/db/db.cpp
index 867352fb200..8d3de4218b5 100644
--- a/src/mongo/db/db.cpp
+++ b/src/mongo/db/db.cpp
@@ -48,7 +48,6 @@
 #include "mongo/config.h"
 #include "mongo/db/audit.h"
 #include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/sasl_options.h"
 #include "mongo/db/catalog/collection.h"
 #include "mongo/db/catalog/create_collection.h"
@@ -1009,11 +1008,11 @@ int mongoDbMain(int argc, char* argv[], char** envp) {
     startupConfigActions(std::vector<std::string>(argv, argv + argc));
     cmdline_utils::censorArgvArray(argc, argv);
 
-    if (!initializeServerGlobalState())
+    if (!initializeServerGlobalState(service))
         quickExit(EXIT_FAILURE);
 
-    // Per SERVER-7434, startSignalProcessingThread() must run after any forks
-    // (initializeServerGlobalState()) and before creation of any other threads.
+    // Per SERVER-7434, startSignalProcessingThread must run after any forks (i.e.
+    // initializeServerGlobalState) and before the creation of any other threads
     startSignalProcessingThread();
 
 #if defined(_WIN32)
diff --git a/src/mongo/db/initialize_server_global_state.cpp b/src/mongo/db/initialize_server_global_state.cpp
index 847873010ee..860256ef483 100644
--- a/src/mongo/db/initialize_server_global_state.cpp
+++ b/src/mongo/db/initialize_server_global_state.cpp
@@ -47,7 +47,6 @@
 #include "mongo/base/init.h"
 #include "mongo/config.h"
 #include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/internal_user_auth.h"
 #include "mongo/db/auth/sasl_command_constants.h"
 #include "mongo/db/auth/security_key.h"
@@ -364,8 +363,7 @@ MONGO_INITIALIZER(MungeUmask)(InitializerContext*) {
 }  // namespace
 #endif
 
-bool initializeServerGlobalState() {
-
+bool initializeServerGlobalState(ServiceContext* service) {
 #ifndef _WIN32
     if (!serverGlobalParams.noUnixSocket && !fs::is_directory(serverGlobalParams.socket)) {
         cout << serverGlobalParams.socket << " must be a directory" << endl;
@@ -393,11 +391,10 @@ bool initializeServerGlobalState() {
     // clusterAuthMode defaults to "keyFile" if a --keyFile parameter is provided.
     if (clusterAuthMode != ServerGlobalParams::ClusterAuthMode_undefined &&
         !serverGlobalParams.transitionToAuth) {
-        getGlobalAuthorizationManager()->setAuthEnabled(true);
+        AuthorizationManager::get(service)->setAuthEnabled(true);
     }
 
 #ifdef MONGO_CONFIG_SSL
-
     if (clusterAuthMode == ServerGlobalParams::ClusterAuthMode_x509 ||
         clusterAuthMode == ServerGlobalParams::ClusterAuthMode_sendX509) {
         setInternalUserAuthParams(
@@ -409,6 +406,7 @@ bool initializeServerGlobalState() {
                  << getSSLManager()->getSSLConfiguration().clientSubjectName.toString()));
     }
 #endif
+
     return true;
 }
 
diff --git a/src/mongo/db/initialize_server_global_state.h b/src/mongo/db/initialize_server_global_state.h
index c4953b70548..5add1ed141a 100644
--- a/src/mongo/db/initialize_server_global_state.h
+++ b/src/mongo/db/initialize_server_global_state.h
@@ -30,12 +30,14 @@
 
 namespace mongo {
 
+class ServiceContext;
+
 /**
  * Perform initialization activity common across all mongo server types.
  *
  * Set up logging, daemonize the process, configure SSL, etc.
  */
-bool initializeServerGlobalState();
+bool initializeServerGlobalState(ServiceContext* service);
 
 /**
  * Forks and detaches the server, on platforms that support it, if serverGlobalParams.doFork is
diff --git a/src/mongo/db/matcher/SConscript b/src/mongo/db/matcher/SConscript
index 4ed8aa31be1..444c2b6739e 100644
--- a/src/mongo/db/matcher/SConscript
+++ b/src/mongo/db/matcher/SConscript
@@ -161,7 +161,6 @@ env.Library(
         'expression_where.cpp',
     ],
     LIBDEPS=[
-        '$BUILD_DIR/mongo/db/auth/authorization_manager_global',
         '$BUILD_DIR/mongo/db/concurrency/lock_manager',
         '$BUILD_DIR/mongo/db/fts/base_fts',
         '$BUILD_DIR/mongo/scripting/scripting_server',
diff --git a/src/mongo/db/pipeline/SConscript b/src/mongo/db/pipeline/SConscript
index 59b9b19db39..1e07bb15e4f 100644
--- a/src/mongo/db/pipeline/SConscript
+++ b/src/mongo/db/pipeline/SConscript
@@ -280,7 +280,7 @@ env.Library(
         'mongo_process_common.cpp',
     ],
     LIBDEPS=[
-        '$BUILD_DIR/mongo/db/auth/authorization_manager_global',
+        '$BUILD_DIR/mongo/db/auth/auth',
         '$BUILD_DIR/mongo/db/generic_cursor',
         'field_path',
     ]
@@ -389,7 +389,7 @@ pipelineeEnv.Library(
     ],
     LIBDEPS=[
         '$BUILD_DIR/mongo/client/clientdriver_minimal',
-        '$BUILD_DIR/mongo/db/auth/authorization_manager_global',
+        '$BUILD_DIR/mongo/db/auth/auth',
         '$BUILD_DIR/mongo/db/bson/dotted_path_support',
         '$BUILD_DIR/mongo/db/curop',
         '$BUILD_DIR/mongo/db/generic_cursor',
diff --git a/src/mongo/db/repl/SConscript b/src/mongo/db/repl/SConscript
index 5c0f5e5e36d..a187fc04080 100644
--- a/src/mongo/db/repl/SConscript
+++ b/src/mongo/db/repl/SConscript
@@ -149,7 +149,6 @@ env.Library(
         'sync_source_resolver',
         '$BUILD_DIR/mongo/client/connection_pool',
         '$BUILD_DIR/mongo/client/fetcher',
-        '$BUILD_DIR/mongo/db/auth/authorization_manager_global',
         '$BUILD_DIR/mongo/db/concurrency/write_conflict_exception',
         '$BUILD_DIR/mongo/db/server_parameters',
         '$BUILD_DIR/mongo/db/service_context',
diff --git a/src/mongo/db/repl/isself.cpp b/src/mongo/db/repl/isself.cpp
index eb52e2c45a2..468e64a80cc 100644
--- a/src/mongo/db/repl/isself.cpp
+++ b/src/mongo/db/repl/isself.cpp
@@ -39,8 +39,6 @@
 #include "mongo/client/dbclient_connection.h"
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/internal_user_auth.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/commands.h"
diff --git a/src/mongo/db/repl/oplog.cpp b/src/mongo/db/repl/oplog.cpp
index 34f6ace269d..9dad9bcacc7 100644
--- a/src/mongo/db/repl/oplog.cpp
+++ b/src/mongo/db/repl/oplog.cpp
@@ -40,7 +40,6 @@
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
 #include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/background.h"
 #include "mongo/db/catalog/capped_utils.h"
@@ -75,7 +74,6 @@
 #include "mongo/db/repl/apply_ops.h"
 #include "mongo/db/repl/bgsync.h"
 #include "mongo/db/repl/dbcheck.h"
-#include "mongo/db/repl/oplogreader.h"
 #include "mongo/db/repl/optime.h"
 #include "mongo/db/repl/repl_client_info.h"
 #include "mongo/db/repl/replication_coordinator.h"
@@ -643,6 +641,8 @@ long long getNewOplogSizeBytes(OperationContext* opCtx, const ReplSettings& repl
 void createOplog(OperationContext* opCtx, const std::string& oplogCollectionName, bool isReplSet) {
     Lock::GlobalWrite lk(opCtx);
 
+    const auto service = opCtx->getServiceContext();
+
     const ReplSettings& replSettings = ReplicationCoordinator::get(opCtx)->getSettings();
 
     OldClientContext ctx(opCtx, oplogCollectionName);
@@ -685,13 +685,13 @@ void createOplog(OperationContext* opCtx, const std::string& oplogCollectionName
         invariant(ctx.db()->createCollection(opCtx, oplogCollectionName, options));
         acquireOplogCollectionForLogging(opCtx);
         if (!isReplSet) {
-            opCtx->getServiceContext()->getOpObserver()->onOpMessage(opCtx, BSONObj());
+            service->getOpObserver()->onOpMessage(opCtx, BSONObj());
         }
         uow.commit();
     });
 
     /* sync here so we don't get any surprising lag later when we try to sync */
-    StorageEngine* storageEngine = getGlobalServiceContext()->getStorageEngine();
+    StorageEngine* storageEngine = service->getStorageEngine();
     storageEngine->flushAllFiles(opCtx, true);
 
     log() << "******" << endl;
@@ -1692,8 +1692,7 @@ Status applyCommand_inlock(OperationContext* opCtx,
         }
     }
 
-
-    getGlobalAuthorizationManager()->logOp(opCtx, opType, nss, o, nullptr);
+    AuthorizationManager::get(opCtx->getServiceContext())->logOp(opCtx, opType, nss, o, nullptr);
     return Status::OK();
 }
 
@@ -1721,7 +1720,6 @@ void oplogCheckCloseDatabase(OperationContext* opCtx, Database* db) {
     }
 }
 
-
 void acquireOplogCollectionForLogging(OperationContext* opCtx) {
     auto& oplogInfo = localOplogInfo(opCtx->getServiceContext());
     if (!oplogInfo.oplogName.empty()) {
diff --git a/src/mongo/db/repl/oplogreader.cpp b/src/mongo/db/repl/oplogreader.cpp
index cb592dbcd9d..2809419a581 100644
--- a/src/mongo/db/repl/oplogreader.cpp
+++ b/src/mongo/db/repl/oplogreader.cpp
@@ -35,19 +35,25 @@
 #include <string>
 
 #include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/internal_user_auth.h"
 #include "mongo/executor/network_interface.h"
 #include "mongo/util/log.h"
 
 namespace mongo {
-
-using std::shared_ptr;
-using std::endl;
-using std::string;
-
 namespace repl {
+namespace {
+
+// Gets the singleton AuthorizationManager object for this server process
+//
+// TODO (SERVER-37563): Pass the service context instead of calling getGlobalServiceContext.
+AuthorizationManager* getGlobalAuthorizationManager() {
+    AuthorizationManager* globalAuthManager = AuthorizationManager::get(getGlobalServiceContext());
+    fassert(16842, globalAuthManager != nullptr);
+    return globalAuthManager;
+}
+
+}  // namespace
 
 bool replAuthenticate(DBClientBase* conn) {
     if (isInternalAuthSet())
@@ -70,12 +76,13 @@ OplogReader::OplogReader() {
 bool OplogReader::connect(const HostAndPort& host) {
     if (conn() == NULL || _host != host) {
         resetConnection();
-        _conn = shared_ptr<DBClientConnection>(
+        _conn = std::shared_ptr<DBClientConnection>(
             new DBClientConnection(false, durationCount<Seconds>(kSocketTimeout)));
-        string errmsg;
+
+        std::string errmsg;
         if (!_conn->connect(host, StringData(), errmsg) || !replAuthenticate(_conn.get())) {
             resetConnection();
-            error() << errmsg << endl;
+            error() << errmsg;
             return false;
         }
         _conn->setTags(transport::Session::kKeepOpen);
@@ -93,7 +100,7 @@ void OplogReader::tailCheck() {
 
 void OplogReader::tailingQuery(const char* ns, const BSONObj& query) {
     verify(!haveCursor());
-    LOG(2) << ns << ".find(" << redact(query) << ')' << endl;
+    LOG(2) << ns << ".find(" << redact(query) << ')';
     cursor.reset(
         _conn->query(NamespaceString(ns), query, 0, 0, nullptr, _tailingQueryOptions).release());
 }
diff --git a/src/mongo/db/repl/repl_set_commands.cpp b/src/mongo/db/repl/repl_set_commands.cpp
index d1700aa1d41..647f535f8a2 100644
--- a/src/mongo/db/repl/repl_set_commands.cpp
+++ b/src/mongo/db/repl/repl_set_commands.cpp
@@ -41,7 +41,6 @@
 #include "mongo/bson/util/bson_extract.h"
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/commands.h"
 #include "mongo/db/commands/server_status_metric.h"
diff --git a/src/mongo/db/repl/replication_coordinator.h b/src/mongo/db/repl/replication_coordinator.h
index 3e2b3cee08b..44b51a1f268 100644
--- a/src/mongo/db/repl/replication_coordinator.h
+++ b/src/mongo/db/repl/replication_coordinator.h
@@ -66,7 +66,6 @@ namespace repl {
 
 class BackgroundSync;
 class IsMasterResponse;
-class OplogReader;
 class OpTime;
 class ReadConcernArgs;
 class ReplSetConfig;
diff --git a/src/mongo/db/repl/replication_coordinator_impl.h b/src/mongo/db/repl/replication_coordinator_impl.h
index 6e5bfd78a2a..3bca1480300 100644
--- a/src/mongo/db/repl/replication_coordinator_impl.h
+++ b/src/mongo/db/repl/replication_coordinator_impl.h
@@ -72,7 +72,6 @@ namespace repl {
 
 class HeartbeatResponseAction;
 class LastVote;
-class OplogReader;
 class ReplicationProcess;
 class ReplSetRequestVotesArgs;
 class ReplSetConfig;
diff --git a/src/mongo/db/repl/replication_info.cpp b/src/mongo/db/repl/replication_info.cpp
index 3c594a75492..64eeeaba31b 100644
--- a/src/mongo/db/repl/replication_info.cpp
+++ b/src/mongo/db/repl/replication_info.cpp
@@ -33,6 +33,7 @@
 #include <vector>
 
 #include "mongo/client/connpool.h"
+#include "mongo/client/dbclient_connection.h"
 #include "mongo/db/auth/sasl_mechanism_registry.h"
 #include "mongo/db/client.h"
 #include "mongo/db/commands/server_status.h"
diff --git a/src/mongo/db/repl/task_runner_test_fixture.cpp b/src/mongo/db/repl/task_runner_test_fixture.cpp
index 3e510603d8a..d94ed168789 100644
--- a/src/mongo/db/repl/task_runner_test_fixture.cpp
+++ b/src/mongo/db/repl/task_runner_test_fixture.cpp
@@ -30,7 +30,6 @@
 
 #include "mongo/db/repl/task_runner_test_fixture.h"
 
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/repl/task_runner.h"
 #include "mongo/stdx/functional.h"
 #include "mongo/stdx/memory.h"
diff --git a/src/mongo/db/s/cleanup_orphaned_cmd.cpp b/src/mongo/db/s/cleanup_orphaned_cmd.cpp
index 49043a59c40..789bf6f3b46 100644
--- a/src/mongo/db/s/cleanup_orphaned_cmd.cpp
+++ b/src/mongo/db/s/cleanup_orphaned_cmd.cpp
@@ -34,7 +34,6 @@
 #include <string>
 
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/catalog_raii.h"
diff --git a/src/mongo/db/s/config/configsvr_move_primary_command.cpp b/src/mongo/db/s/config/configsvr_move_primary_command.cpp
index 91869fdd005..8f81c66f49c 100644
--- a/src/mongo/db/s/config/configsvr_move_primary_command.cpp
+++ b/src/mongo/db/s/config/configsvr_move_primary_command.cpp
@@ -33,7 +33,6 @@
 #include "mongo/client/connpool.h"
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/catalog/document_validation.h"
 #include "mongo/db/client.h"
diff --git a/src/mongo/db/s/flush_database_cache_updates_command.cpp b/src/mongo/db/s/flush_database_cache_updates_command.cpp
index 5b70c6fede0..2b04911df7d 100644
--- a/src/mongo/db/s/flush_database_cache_updates_command.cpp
+++ b/src/mongo/db/s/flush_database_cache_updates_command.cpp
@@ -32,7 +32,6 @@
 
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/catalog_raii.h"
diff --git a/src/mongo/db/s/flush_routing_table_cache_updates_command.cpp b/src/mongo/db/s/flush_routing_table_cache_updates_command.cpp
index 0f2bfae200b..8dea773f6c5 100644
--- a/src/mongo/db/s/flush_routing_table_cache_updates_command.cpp
+++ b/src/mongo/db/s/flush_routing_table_cache_updates_command.cpp
@@ -32,7 +32,6 @@
 
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/catalog_raii.h"
diff --git a/src/mongo/db/s/get_database_version_command.cpp b/src/mongo/db/s/get_database_version_command.cpp
index b6925c705f2..4c782533113 100644
--- a/src/mongo/db/s/get_database_version_command.cpp
+++ b/src/mongo/db/s/get_database_version_command.cpp
@@ -32,7 +32,6 @@
 
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/catalog_raii.h"
diff --git a/src/mongo/db/s/get_shard_version_command.cpp b/src/mongo/db/s/get_shard_version_command.cpp
index 8cf767f7e3b..9355f0b961f 100644
--- a/src/mongo/db/s/get_shard_version_command.cpp
+++ b/src/mongo/db/s/get_shard_version_command.cpp
@@ -32,7 +32,6 @@
 
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/catalog_raii.h"
diff --git a/src/mongo/db/s/migration_chunk_cloner_source_legacy_commands.cpp b/src/mongo/db/s/migration_chunk_cloner_source_legacy_commands.cpp
index c74ae918cd1..11bb4b50e39 100644
--- a/src/mongo/db/s/migration_chunk_cloner_source_legacy_commands.cpp
+++ b/src/mongo/db/s/migration_chunk_cloner_source_legacy_commands.cpp
@@ -32,7 +32,6 @@
 
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/catalog_raii.h"
diff --git a/src/mongo/db/s/migration_destination_manager.cpp b/src/mongo/db/s/migration_destination_manager.cpp
index a24e3e5bc56..79ad4403bb2 100644
--- a/src/mongo/db/s/migration_destination_manager.cpp
+++ b/src/mongo/db/s/migration_destination_manager.cpp
@@ -35,7 +35,6 @@
 #include <list>
 #include <vector>
 
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/catalog/collection_catalog_entry.h"
 #include "mongo/db/catalog/document_validation.h"
diff --git a/src/mongo/db/s/migration_destination_manager_legacy_commands.cpp b/src/mongo/db/s/migration_destination_manager_legacy_commands.cpp
index ffc905c3dbf..8224dd46063 100644
--- a/src/mongo/db/s/migration_destination_manager_legacy_commands.cpp
+++ b/src/mongo/db/s/migration_destination_manager_legacy_commands.cpp
@@ -32,7 +32,6 @@
 
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/commands.h"
diff --git a/src/mongo/db/s/move_chunk_command.cpp b/src/mongo/db/s/move_chunk_command.cpp
index 5297f161948..fc12b8bdc5e 100644
--- a/src/mongo/db/s/move_chunk_command.cpp
+++ b/src/mongo/db/s/move_chunk_command.cpp
@@ -33,7 +33,6 @@
 #include "mongo/client/remote_command_targeter.h"
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/commands.h"
 #include "mongo/db/repl/repl_client_info.h"
diff --git a/src/mongo/db/s/op_observer_sharding_impl.cpp b/src/mongo/db/s/op_observer_sharding_impl.cpp
index f6ba177d296..c18e6f5aa55 100644
--- a/src/mongo/db/s/op_observer_sharding_impl.cpp
+++ b/src/mongo/db/s/op_observer_sharding_impl.cpp
@@ -30,34 +30,8 @@
 
 #include "mongo/db/s/op_observer_sharding_impl.h"
 
-//#include "mongo/bson/bsonobjbuilder.h"
-//#include "mongo/db/auth/authorization_manager.h"
-//#include "mongo/db/catalog/collection_catalog_entry.h"
-//#include "mongo/db/catalog/collection_options.h"
-//#include "mongo/db/catalog/database.h"
-//#include "mongo/db/catalog/database_holder.h"
-//#include "mongo/db/catalog/namespace_uuid_cache.h"
-//#include "mongo/db/commands/feature_compatibility_version.h"
-//#include "mongo/db/commands/feature_compatibility_version_parser.h"
-//#include "mongo/db/concurrency/d_concurrency.h"
-//#include "mongo/db/concurrency/write_conflict_exception.h"
-//#include "mongo/db/index/index_descriptor.h"
-//#include "mongo/db/logical_time_validator.h"
-//#include "mongo/db/namespace_string.h"
-//#include "mongo/db/operation_context.h"
-//#include "mongo/db/repl/oplog.h"
-//#include "mongo/db/repl/oplog_entry_gen.h"
-//#include "mongo/db/repl/replication_coordinator.h"
-////#include "mongo/db/s/shard_server_op_observer.h"
 #include "mongo/db/s/collection_sharding_runtime.h"
 #include "mongo/db/s/migration_source_manager.h"
-//#include "mongo/db/server_options.h"
-//#include "mongo/db/session_catalog.h"
-//#include "mongo/db/transaction_participant.h"
-//#include "mongo/db/views/durable_view_catalog.h"
-//#include "mongo/scripting/engine.h"
-//#include "mongo/util/assert_util.h"
-//#include "mongo/util/fail_point_service.h"
 
 namespace mongo {
 namespace {
diff --git a/src/mongo/db/s/set_shard_version_command.cpp b/src/mongo/db/s/set_shard_version_command.cpp
index e14feab3f7a..5303d3cbee3 100644
--- a/src/mongo/db/s/set_shard_version_command.cpp
+++ b/src/mongo/db/s/set_shard_version_command.cpp
@@ -32,7 +32,6 @@
 
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/catalog_raii.h"
diff --git a/src/mongo/db/s/unset_sharding_command.cpp b/src/mongo/db/s/unset_sharding_command.cpp
index d1e0927330f..c2cbafce01d 100644
--- a/src/mongo/db/s/unset_sharding_command.cpp
+++ b/src/mongo/db/s/unset_sharding_command.cpp
@@ -32,7 +32,6 @@
 
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/privilege.h"
 #include "mongo/db/commands.h"
diff --git a/src/mongo/db/session_killer.cpp b/src/mongo/db/session_killer.cpp
index 034cc93038b..998ea0eaae1 100644
--- a/src/mongo/db/session_killer.cpp
+++ b/src/mongo/db/session_killer.cpp
@@ -30,7 +30,6 @@
 
 #include "mongo/db/session_killer.h"
 
-#include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/client.h"
 #include "mongo/db/operation_context.h"
 #include "mongo/db/service_context.h"
diff --git a/src/mongo/db/system_index.cpp b/src/mongo/db/system_index.cpp
index ca5aa8329cf..c022879e8d0 100644
--- a/src/mongo/db/system_index.cpp
+++ b/src/mongo/db/system_index.cpp
@@ -36,7 +36,6 @@
 #include "mongo/base/status.h"
 #include "mongo/client/index_spec.h"
 #include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/catalog/collection.h"
 #include "mongo/db/catalog/index_catalog.h"
 #include "mongo/db/catalog/index_create.h"
diff --git a/src/mongo/dbtests/dbtests.cpp b/src/mongo/dbtests/dbtests.cpp
index 33aee8da3ab..4bfd1d3236f 100644
--- a/src/mongo/dbtests/dbtests.cpp
+++ b/src/mongo/dbtests/dbtests.cpp
@@ -36,7 +36,6 @@
 #include "mongo/base/init.h"
 #include "mongo/base/initializer.h"
 #include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/catalog/index_create.h"
 #include "mongo/db/commands.h"
 #include "mongo/db/commands/test_commands_enabled.h"
@@ -169,7 +168,8 @@ int dbtestsMain(int argc, char** argv, char** envp) {
     repl::ReplSettings replSettings;
     replSettings.setOplogSizeBytes(10 * 1024 * 1024);
     setGlobalServiceContext(ServiceContext::make());
-    ServiceContext* service = getGlobalServiceContext();
+
+    const auto service = getGlobalServiceContext();
     service->setServiceEntryPoint(std::make_unique<ServiceEntryPointMongod>(service));
 
     auto logicalClock = stdx::make_unique<LogicalClock>(service);
@@ -196,7 +196,7 @@ int dbtestsMain(int argc, char** argv, char** envp) {
         service,
         std::unique_ptr<repl::ReplicationCoordinator>(
             new repl::ReplicationCoordinatorMock(service, replSettings)));
-    repl::ReplicationCoordinator::get(getGlobalServiceContext())
+    repl::ReplicationCoordinator::get(service)
         ->setFollowerMode(repl::MemberState::RS_PRIMARY)
         .ignore();
 
@@ -204,7 +204,7 @@ int dbtestsMain(int argc, char** argv, char** envp) {
     repl::DropPendingCollectionReaper::set(
         service, stdx::make_unique<repl::DropPendingCollectionReaper>(storageMock.get()));
 
-    getGlobalAuthorizationManager()->setAuthEnabled(false);
+    AuthorizationManager::get(service)->setAuthEnabled(false);
     ScriptEngine::setup();
     StartupTest::runTests();
     return mongo::dbtests::runDbTests(argc, argv);
diff --git a/src/mongo/embedded/embedded_auth_session.cpp b/src/mongo/embedded/embedded_auth_session.cpp
index e01e0210e0b..3f3a06cac3b 100644
--- a/src/mongo/embedded/embedded_auth_session.cpp
+++ b/src/mongo/embedded/embedded_auth_session.cpp
@@ -28,7 +28,6 @@
 
 #include "mongo/platform/basic.h"
 
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/embedded/not_implemented.h"
 #include "mongo/util/assert_util.h"
@@ -36,6 +35,7 @@
 namespace mongo {
 namespace embedded {
 namespace {
+
 class Impl : public UserNameIterator::Impl {
     bool more() const override {
         return false;
@@ -53,7 +53,6 @@ class Impl : public UserNameIterator::Impl {
     }
 };
 
-
 class AuthorizationSession : public mongo::AuthorizationSession {
 public:
     explicit AuthorizationSession(AuthorizationManager* const authzManager)
@@ -267,6 +266,7 @@ protected:
 private:
     AuthorizationManager* const _authzManager;
 };
+
 }  // namespace
 }  // namespace embedded
 
@@ -274,4 +274,5 @@ MONGO_REGISTER_SHIM(AuthorizationSession::create)
 (AuthorizationManager* const authzManager)->std::unique_ptr<AuthorizationSession> {
     return std::make_unique<embedded::AuthorizationSession>(authzManager);
 }
+
 }  // namespace mongo
diff --git a/src/mongo/s/commands/cluster_enable_sharding_cmd.cpp b/src/mongo/s/commands/cluster_enable_sharding_cmd.cpp
index 5ef7ce53a37..5651db28cb4 100644
--- a/src/mongo/s/commands/cluster_enable_sharding_cmd.cpp
+++ b/src/mongo/s/commands/cluster_enable_sharding_cmd.cpp
@@ -32,7 +32,6 @@
 
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/commands.h"
 #include "mongo/s/catalog_cache.h"
diff --git a/src/mongo/s/commands/cluster_get_shard_version_cmd.cpp b/src/mongo/s/commands/cluster_get_shard_version_cmd.cpp
index fbbf4511c47..923bc00283f 100644
--- a/src/mongo/s/commands/cluster_get_shard_version_cmd.cpp
+++ b/src/mongo/s/commands/cluster_get_shard_version_cmd.cpp
@@ -32,7 +32,6 @@
 
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/commands.h"
 #include "mongo/s/catalog_cache.h"
diff --git a/src/mongo/s/commands/cluster_move_chunk_cmd.cpp b/src/mongo/s/commands/cluster_move_chunk_cmd.cpp
index 11320d106fd..2562f728f97 100644
--- a/src/mongo/s/commands/cluster_move_chunk_cmd.cpp
+++ b/src/mongo/s/commands/cluster_move_chunk_cmd.cpp
@@ -33,7 +33,6 @@
 #include "mongo/db/audit.h"
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/client.h"
 #include "mongo/db/commands.h"
diff --git a/src/mongo/s/commands/cluster_move_primary_cmd.cpp b/src/mongo/s/commands/cluster_move_primary_cmd.cpp
index bbc9d304595..5e9eace3f10 100644
--- a/src/mongo/s/commands/cluster_move_primary_cmd.cpp
+++ b/src/mongo/s/commands/cluster_move_primary_cmd.cpp
@@ -33,7 +33,6 @@
 #include "mongo/bson/util/bson_extract.h"
 #include "mongo/db/audit.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/commands.h"
 #include "mongo/rpc/write_concern_error_detail.h"
diff --git a/src/mongo/s/commands/cluster_shard_collection_cmd.cpp b/src/mongo/s/commands/cluster_shard_collection_cmd.cpp
index 6a23acf60e5..f0f113f9bfd 100644
--- a/src/mongo/s/commands/cluster_shard_collection_cmd.cpp
+++ b/src/mongo/s/commands/cluster_shard_collection_cmd.cpp
@@ -41,7 +41,6 @@
 #include "mongo/db/audit.h"
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/client.h"
 #include "mongo/db/commands.h"
diff --git a/src/mongo/s/commands/cluster_split_cmd.cpp b/src/mongo/s/commands/cluster_split_cmd.cpp
index 2b73b297b1f..75d3b6f12a3 100644
--- a/src/mongo/s/commands/cluster_split_cmd.cpp
+++ b/src/mongo/s/commands/cluster_split_cmd.cpp
@@ -35,7 +35,6 @@
 
 #include "mongo/db/auth/action_set.h"
 #include "mongo/db/auth/action_type.h"
-#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/commands.h"
 #include "mongo/db/field_parser.h"
diff --git a/src/mongo/s/commands/cluster_user_management_commands.cpp b/src/mongo/s/commands/cluster_user_management_commands.cpp
index 7e398fd9ac1..a89560b7fb6 100644
--- a/src/mongo/s/commands/cluster_user_management_commands.cpp
+++ b/src/mongo/s/commands/cluster_user_management_commands.cpp
@@ -34,7 +34,6 @@
 #include "mongo/bson/mutable/document.h"
 #include "mongo/config.h"
 #include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/user_management_commands_parser.h"
 #include "mongo/db/commands.h"
 #include "mongo/db/commands/user_management_commands.h"
@@ -137,10 +136,8 @@ public:
             CommandHelpers::filterCommandRequestForPassthrough(cmdObj),
             &result);
 
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
-        invariant(authzManager);
+        const auto authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         authzManager->invalidateUserByName(opCtx, args.userName);
-
         return ok;
     }
 
@@ -188,10 +185,8 @@ public:
             CommandHelpers::filterCommandRequestForPassthrough(cmdObj),
             &result);
 
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
-        invariant(authzManager);
+        const auto authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         authzManager->invalidateUserByName(opCtx, userName);
-
         return ok;
     }
 
@@ -230,10 +225,8 @@ public:
             CommandHelpers::filterCommandRequestForPassthrough(cmdObj),
             &result);
 
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
-        invariant(authzManager);
+        const auto authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         authzManager->invalidateUsersFromDB(opCtx, dbname);
-
         return ok;
     }
 
@@ -279,10 +272,8 @@ public:
             CommandHelpers::filterCommandRequestForPassthrough(cmdObj),
             &result);
 
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
-        invariant(authzManager);
+        const auto authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         authzManager->invalidateUserByName(opCtx, UserName(userNameString, dbname));
-
         return ok;
     }
 
@@ -328,10 +319,8 @@ public:
             CommandHelpers::filterCommandRequestForPassthrough(cmdObj),
             &result);
 
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
-        invariant(authzManager);
+        const auto authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         authzManager->invalidateUserByName(opCtx, UserName(userNameString, dbname));
-
         return ok;
     }
 
@@ -438,10 +427,8 @@ public:
             CommandHelpers::filterCommandRequestForPassthrough(cmdObj),
             &result);
 
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
-        invariant(authzManager);
+        const auto authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         authzManager->invalidateUserCache(opCtx);
-
         return ok;
     }
 
@@ -481,10 +468,8 @@ public:
             CommandHelpers::filterCommandRequestForPassthrough(cmdObj),
             &result);
 
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
-        invariant(authzManager);
+        const auto authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         authzManager->invalidateUserCache(opCtx);
-
         return ok;
     }
 
@@ -523,10 +508,8 @@ public:
             CommandHelpers::filterCommandRequestForPassthrough(cmdObj),
             &result);
 
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
-        invariant(authzManager);
+        const auto authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         authzManager->invalidateUserCache(opCtx);
-
         return ok;
     }
 
@@ -565,10 +548,8 @@ public:
             CommandHelpers::filterCommandRequestForPassthrough(cmdObj),
             &result);
 
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
-        invariant(authzManager);
+        const auto authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         authzManager->invalidateUserCache(opCtx);
-
         return ok;
     }
 
@@ -607,10 +588,8 @@ public:
             CommandHelpers::filterCommandRequestForPassthrough(cmdObj),
             &result);
 
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
-        invariant(authzManager);
+        const auto authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         authzManager->invalidateUserCache(opCtx);
-
         return ok;
     }
 
@@ -652,10 +631,8 @@ public:
             CommandHelpers::filterCommandRequestForPassthrough(cmdObj),
             &result);
 
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
-        invariant(authzManager);
+        const auto authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         authzManager->invalidateUserCache(opCtx);
-
         return ok;
     }
 
@@ -699,10 +676,8 @@ public:
             CommandHelpers::filterCommandRequestForPassthrough(cmdObj),
             &result);
 
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
-        invariant(authzManager);
+        const auto authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         authzManager->invalidateUserCache(opCtx);
-
         return ok;
     }
 
@@ -771,8 +746,7 @@ public:
              const string& dbname,
              const BSONObj& cmdObj,
              BSONObjBuilder& result) {
-        AuthorizationManager* authzManager = getGlobalAuthorizationManager();
-        invariant(authzManager);
+        const auto authzManager = AuthorizationManager::get(opCtx->getServiceContext());
         authzManager->invalidateUserCache(opCtx);
         return true;
     }
diff --git a/src/mongo/s/server.cpp b/src/mongo/s/server.cpp
index 80ea5479d6b..fe733e84f11 100644
--- a/src/mongo/s/server.cpp
+++ b/src/mongo/s/server.cpp
@@ -44,7 +44,6 @@
 #include "mongo/config.h"
 #include "mongo/db/audit.h"
 #include "mongo/db/auth/authorization_manager.h"
-#include "mongo/db/auth/authorization_manager_global.h"
 #include "mongo/db/auth/authz_manager_external_state_s.h"
 #include "mongo/db/auth/user_cache_invalidator_job.h"
 #include "mongo/db/client.h"
@@ -582,7 +581,9 @@ ExitCode mongoSMain(int argc, char* argv[], char** envp) {
         return EXIT_ABRUPT;
     }
 
-    registerShutdownTask([&]() { cleanupTask(getGlobalServiceContext()); });
+    const auto service = getGlobalServiceContext();
+
+    registerShutdownTask([service]() { cleanupTask(service); });
 
     ErrorExtraInfo::invariantHaveAllParsers();
 
@@ -592,12 +593,12 @@ ExitCode mongoSMain(int argc, char* argv[], char** envp) {
     logCommonStartupWarnings(serverGlobalParams);
 
     try {
-        if (!initializeServerGlobalState())
+        if (!initializeServerGlobalState(service))
             return EXIT_ABRUPT;
 
         startSignalProcessingThread();
 
-        return main(getGlobalServiceContext());
+        return main(service);
     } catch (const DBException& e) {
         error() << "uncaught DBException in mongos main: " << redact(e);
         return EXIT_UNCAUGHT;
author	Kaloian Manassiev <kaloian.manassiev@mongodb.com>	2018-10-11 08:09:52 -0400
committer	Kaloian Manassiev <kaloian.manassiev@mongodb.com>	2018-10-12 07:10:58 -0400
commit	ae2b60fce624cd9f4a95037316033b53846be176 (patch)
tree	8cc0df2f5645baa710dd135c071f65b558c02320 /src
parent	849c85561e065598813d6a702ce132f494380eed (diff)
download	mongo-ae2b60fce624cd9f4a95037316033b53846be176.tar.gz