Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-27595

Client IP address not shown

XMLWordPrintableJSON

    • Minor Change
    • ALL
    • Hide

      Try to login with an nonexistent user

      Show
      Try to login with an nonexistent user
    • Platforms 2017-06-19

      When an user tries to brute force access the mongo database it does not show the ip address of the incoming connection attempt.

      I only get the following two lines of log:

      2017-01-06T00:57:05.883+0000 I ACCESS [conn6110] Failed to authenticate rafa@admin with mechanism MONGODB-CR: AuthenticationFailed: UserNotFound: Could not find user rafa@admin
      2017-01-06T00:57:06.253+0000 I ACCESS [conn6110] authenticate db: admin

      { authenticate: 1.0, user: "rafa", nonce: "xxx", key: "xxx" }

      When the user exists but the password is wrong, I get the following line of log:

      2017-01-05T23:38:55.782+0000 I ACCESS [conn624] Failed to authenticate rafa@admin with mechanism MONGODB-CR: AuthenticationFailed: MONGODB-CR credentials missing in the user document

      I've found that this issue SERVER-16452was to resolve this problem.

      I've seen this problem with both versions that I marked.

            Assignee:
            sara.golemon@mongodb.com Sara Golemon
            Reporter:
            bruno@stilingue.com.br Bruno Santos
            Votes:
            2 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: