Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-17516

Add audit log messages for using incorrect auth mechanisms.

    XMLWordPrintableJSON

Details

    • Security

    Description

      We should investigate whether we want to log to the audit log when a user attempts to authenticate with a nonexistent auth mechanism, for example:

      > db.auth({user:"amalia", pwd:"123456", mechanism:"fake"});
      

      This currently does not log to the audit log, and we may wish to change that behavior.

      Attachments

        Issue Links

          Activity

            People

              backlog-server-security Backlog - Security Team
              amalia.hawkins@10gen.com Amalia Hawkins
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated: