[SERVER-24844] Add connection and client information to unauthorised log lines - MongoDB Jira

XML

Word

Printable

Details

Type: Improvement
Status: Closed
Priority: Major - P3
Resolution: Won't Do
Affects Version/s: 3.2.7
Fix Version/s: None
Component/s: Diagnostics, Security
Labels:
None

Sprint:
Security 2019-07-29, Security 2019-08-12, Security 2019-08-26

Description

~~SERVER-16452~~ added client connection information to failed log in attempts, however unauthorised messages are bereft of any detail to make them immediately useful. For example:

2016-06-30T08:42:35.887+1000 I ACCESS   [conn1] Unauthorized: not authorized on test to execute command { insert: "test", documents: [ { 1: 1.0, _id: ObjectId('57744edb16608f349f2197fc') } ], ordered: true }

The message does not tell you which user failed the check, and also does not tell you which client/ip address the attempt came from (without back tracing in the logs).

Attachments

Activity

People

Assignee:: Spencer Jackson

Reporter:: Andre de Frere

Participants:: Andre de Frere, Kevin Pulo, Spencer Jackson

Votes:: 0 Vote for this issue

Watchers:: 11 Start watching this issue

Dates

Created:: Jun 29 2016 10:47:39 PM UTC

Updated:: Aug 23 2019 04:06:36 PM UTC

Resolved:: Aug 23 2019 04:06:36 PM UTC