Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-27595

Client IP address not shown

    XMLWordPrintable

    Details

    • Backwards Compatibility:
      Minor Change
    • Operating System:
      ALL
    • Steps To Reproduce:
      Hide

      Try to login with an nonexistent user

      Show
      Try to login with an nonexistent user
    • Sprint:
      Platforms 2017-06-19

      Description

      When an user tries to brute force access the mongo database it does not show the ip address of the incoming connection attempt.

      I only get the following two lines of log:

      2017-01-06T00:57:05.883+0000 I ACCESS [conn6110] Failed to authenticate rafa@admin with mechanism MONGODB-CR: AuthenticationFailed: UserNotFound: Could not find user rafa@admin
      2017-01-06T00:57:06.253+0000 I ACCESS [conn6110] authenticate db: admin

      { authenticate: 1.0, user: "rafa", nonce: "xxx", key: "xxx" }

      When the user exists but the password is wrong, I get the following line of log:

      2017-01-05T23:38:55.782+0000 I ACCESS [conn624] Failed to authenticate rafa@admin with mechanism MONGODB-CR: AuthenticationFailed: MONGODB-CR credentials missing in the user document

      I've found that this issue SERVER-16452was to resolve this problem.

      I've seen this problem with both versions that I marked.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              sara.golemon Sara Golemon
              Reporter:
              brunohms Bruno Henrique Miranda dos Santos
              Participants:
              Votes:
              2 Vote for this issue
              Watchers:
              7 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: