Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-97918

Remove impersonated user and roles from AuthorizationSession

XMLWordPrintableJSON

    • Type: Icon: Task Task
    • Resolution: Duplicate
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • None
    • Server Security

      Once the auditing subsystem purely relies on AuditUserAttrs to source the user and roles for a given log event, we can get rid of the impersonated user and impersonated roles stored on AuthorizationSession.

      We may also be able to get rid of ImpersonationSession and other classes responsible for setting and getting impersonated user/roles on AuthorizationSession.

      We should also consider removing clearImpersonatedUserData as well.

            Assignee:
            Unassigned Unassigned
            Reporter:
            varun.ravichandran@mongodb.com Varun Ravichandran
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: