[SERVER-45295] Make sure that LDAP logs always contain context on AuthZN operation Created: 23/Dec/19  Updated: 29/Oct/23  Resolved: 30/Apr/20

Status: Closed
Project: Core Server
Component/s: Diagnostics, Security
Affects Version/s: None
Fix Version/s: 4.0.19, 4.2.7, 3.6.19, 4.4.0-rc4, 4.7.0

Type: Task Priority: Major - P3
Reporter: Spencer Jackson Assignee: Sara Golemon
Resolution: Fixed Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Related
is related to DOCS-12947 Configuring both setParameter.saslaut... Closed
Backwards Compatibility: Fully Compatible
Backport Requested:
v4.4, v4.2, v4.0, v3.6
Sprint: Security 2020-05-04
Participants:

 Description   

The LDAP query system can be entered by either the authentication component (during userToDNMapping), or during authorization. Binding as a LDAP user can be performed during authentication, or during authorization to become the service account user. Which context is active should be included in log statements.



 Comments   
Comment by Githook User [ 06/May/20 ]

Author:

{'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}

Message: SERVER-45295 Add context to LDAP query operations, structurize LDAPQuery logging

(cherry picked from commit c92a300709751bf3e5dfe31f604481c49bba4644)
Branch: v3.6
https://github.com/10gen/mongo-enterprise-modules/commit/5398573a6d01493d04332dd2d395c571275d583a

Comment by Githook User [ 06/May/20 ]

Author:

{'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}

Message: SERVER-45295 Add context to LDAP query operations, structurize LDAPQuery logging

(cherry picked from commit c92a300709751bf3e5dfe31f604481c49bba4644)
Branch: v4.0
https://github.com/10gen/mongo-enterprise-modules/commit/6201beb5205cd12a13404b156e5f22a62621e7fc

Comment by Githook User [ 06/May/20 ]

Author:

{'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}

Message: SERVER-45295 Add context to LDAP query operations, structurize LDAPQuery logging

(cherry picked from commit c92a300709751bf3e5dfe31f604481c49bba4644)
Branch: v4.2
https://github.com/10gen/mongo-enterprise-modules/commit/8f89aa5316d02638e0640e64dc28dd3bfdc507fd

Comment by Githook User [ 05/May/20 ]

Author:

{'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}

Message: SERVER-45295 Add context to LDAP query operations, structurize LDAPQuery logging

(cherry picked from commit c92a300709751bf3e5dfe31f604481c49bba4644)
Branch: v4.4
https://github.com/10gen/mongo-enterprise-modules/commit/3304823f80da6f606c071f67faa18ba2e2669872

Comment by Githook User [ 30/Apr/20 ]

Author:

{'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}

Message: SERVER-45295 Add context to LDAP query operations, structurize LDAPQuery logging
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/c92a300709751bf3e5dfe31f604481c49bba4644

Generated at Thu Feb 08 05:08:25 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.