Details
-
Improvement
-
Status: Open
-
Major - P3
-
Resolution: Unresolved
-
3.0.0
-
Security
Description
We should investigate whether we want to log to the audit log when a user attempts to authenticate with a nonexistent auth mechanism, for example:
> db.auth({user:"amalia", pwd:"123456", mechanism:"fake"}); |
This currently does not log to the audit log, and we may wish to change that behavior.
Attachments
Issue Links
- is related to
-
SERVER-17507 MongoDB3 enterprise AuditLog
-
- Closed
-