Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Duplicate
Priority: Major - P3
Fix Version/s: None
Affects Version/s: 2.5.5
Component/s: Logging, Security
Labels:
- Auditing

Assigned Teams:

Server Security
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

Currently operations performed by cluster members using internal authentication are logged with the internal __system user, and the IP address of the remote server. It would be an improvement to log the identity of the remote server requesting the operation rather than just its IP address.

For x.509 this is fairly straightforward since a unique name is provided in the client certificate presented by the remote server. We can use the name from the client certificate as a user name in the audit logs.

duplicates

SERVER-52862 Move logAuthentication hooks to AuthenticationSession

Closed

related to

SERVER-53604 Include original aws iam arn in authenticate audit logs

Closed

Assignee:: [DO NOT USE] Backlog - Security Team
Reporter:: Andreas Nilsson (Inactive)
Participants:: [DO NOT USE] Backlog - Security Team, Andreas Nilsson
Votes:: 0 Vote for this issue
Watchers:: 5 Start watching this issue

Created:: Feb 18 2014 04:50:34 PM UTC
Updated:: Dec 06 2022 05:11:31 AM UTC
Resolved:: Feb 02 2021 03:46:39 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates