[SERVER-11351] Audit records for “authenticate” don't match spec Created: 24/Oct/13  Updated: 10/Dec/14  Resolved: 24/Oct/13

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Trivial - P5
Reporter: bard.bloom@10gen.com Assignee: Matt Dannenberg
Resolution: Done Votes: 0
Labels: 26qa
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
Operating System: ALL
Participants:

 Description   

The spec https://wiki.mongodb.com/display/10GEN/Auditing says that the
messages for authentication use the phrasing "via mechanism"

Authentication succeeded for <user>@<db> from <remote ip and port> to <self ip and port> via <mechanism>.
Authentication failed for <user>@<db> via mechanism <mechanism>.  <message if present> 

But the messages from the server use the phrasing "using mechanism".

            2013-10-24T10:38:17.843-0400 user2@db1,AuthUser@admin 127.0.0.1:57508/127.0.0.1:27017 000000000000000000000000.0 Authentication failed for user4@db3 using mechanism MONGODB-CR.
            2013-10-24T10:38:17.846-0400 user2@db1,AuthUser@admin
            127.0.0.1:57508/127.0.0.1:27017 000000000000000000000000.0
            Authentication succeeded for AuthUser@admin using mechanism
            MONGODB-CR.

Both forms are perfectly fine, but the docs need to match the server behavior.



 Comments   
Comment by Matt Dannenberg [ 24/Oct/13 ]

Spec updated

Comment by Andy Schwerin [ 24/Oct/13 ]

I recommend we update the spec on this one, now that the remote and local ip and port are included in every audit message.

Generated at Thu Feb 08 03:25:33 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.