[SERVER-24798] Improve log messages for LDAP Authorization Created: 24/Jun/16  Updated: 19/Jul/16  Resolved: 07/Jul/16

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: 3.3.10

Type: Improvement Priority: Major - P3
Reporter: Spencer Jackson Assignee: Spencer Jackson
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Sprint: Security 17 (07/15/16)
Participants:

 Description   

A few improvements could be made to the log output from LDAP Authorization

  • Failure to map authentication names to LDAP DNs should output the full trace of every rule that was attempted.
  • LDAP name mapping rule failures should show the actual query that was executed and the failure reason
  • Forgetting ldap:// yields bad parameter to ldap_ routines. We should catch this up front.
  • We should try and minimize the number of reported errors when LDAP bind fails
  • Provide a better message for invalid scope types
  • Expected to find exactly one LDAP entity message should include the query


 Comments   
Comment by Githook User [ 07/Jul/16 ]

Author:

{u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: SERVER-24798 Improve LDAP log messages
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/163c7f8cf29f4e43bfc6fee5731d74b823d1ff5e

Generated at Thu Feb 08 04:07:27 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.