From 8d23154ed3e086213c5bd59b3e2fcba96a3cca41 Mon Sep 17 00:00:00 2001 From: Randolph Tan Date: Mon, 28 Jan 2019 17:00:20 -0500 Subject: SERVER-39232 Allow commands that do not require auth to refresh sessions --- src/mongo/db/initialize_operation_session_info.cpp | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'src/mongo/db/initialize_operation_session_info.cpp') diff --git a/src/mongo/db/initialize_operation_session_info.cpp b/src/mongo/db/initialize_operation_session_info.cpp index e513126f173..b48027bc130 100644 --- a/src/mongo/db/initialize_operation_session_info.cpp +++ b/src/mongo/db/initialize_operation_session_info.cpp @@ -60,16 +60,20 @@ OperationSessionInfoFromClient initializeOperationSessionInfo(OperationContext* !osi.getAutocommit()); uassert( 50889, "It is illegal to provide a txnNumber for this command", !osi.getTxnNumber()); - return {}; } - { + if (auto authSession = AuthorizationSession::get(opCtx->getClient())) { // If we're using the localhost bypass, and the client hasn't authenticated, // logical sessions are disabled. A client may authenticate as the __sytem user, // or as an externally authorized user. - AuthorizationSession* authSession = AuthorizationSession::get(opCtx->getClient()); - if (authSession && authSession->isUsingLocalhostBypass() && - !authSession->isAuthenticated()) { + if (authSession->isUsingLocalhostBypass() && !authSession->isAuthenticated()) { + return {}; + } + + // Do not initialize lsid when auth is enabled and no user is logged in since + // there is no sensible uid that can be assigned to it. + if (AuthorizationManager::get(opCtx->getServiceContext())->isAuthEnabled() && + !authSession->isAuthenticated() && !requiresAuth) { return {}; } } -- cgit v1.2.1