[SERVER-53962] Move UMC audit hooks to OpObservers
Created: 21/Jan/21 | Updated: 29/Oct/23 | Resolved: 12/Feb/21

| Status: | Closed |
| Project: | Core Server |
| Component/s: | Internal Code, Security |
| Affects Version/s: | None |
| Fix Version/s: | 5.0.0 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Spencer Jackson | Assignee: | Sergey Galtsev (Inactive) |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None |
| Remaining Estimate: | Not Specified |
| Time Spent: | Not Specified |
| Original Estimate: | Not Specified |
| Attachments: | |
| Issue Links: | |
| Backwards Compatibility: | Minor Change |
| Sprint: | Security 2021-02-08, Security 2021-02-22 |
| Participants: | |
| Description |
We should consider moving the audit hooks from the User Management Commands to the AuthOpObserver, which would invoke them solely on primaries. When a primary performs a write to these system collections, either as a part of a User Management Command or as part of a CRUD operation, the hook will check whether the generated oplog event implies that an authorization audit event should be recorded. If yes and the current node is a primary, it will invoke the audit hook. Because primaries invoke OpObservers in the catalog layer while clients perform operations, the active OperationContext will contain the client's authentication and authorization state.
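The mechanism sketched in the description, as an added stand-alone model that is not MongoDB's own code: a hypothetical `AuthOpObserver` receives every committed write, maps writes to `admin.system.users` and `admin.system.roles` onto audit actions, and records an event only when the node is a primary, taking the actor from a simplified stand-in for the `OperationContext`. Every type and function name below (`ClientAuth`, `OperationContext`, `OplogEvent`, `AuditEvent`, `auditActionFor`, `runScenario`) is an assumption standing in for the server's real interfaces, and the scenario data is constructed.

```cpp
// Added example: a simplified model of routing user/role audit events through an
// OpObserver so that they fire only on primaries. Not MongoDB's code; all names
// are hypothetical stand-ins for the real OpObserver / OperationContext types.
#include <optional>
#include <string>
#include <vector>

// Hypothetical: the authenticated client attached to an OperationContext.
struct ClientAuth {
    std::string user;    // e.g. "admin.alice"
    std::string remote;  // e.g. "10.0.0.5:52110"
};

// Hypothetical: the subset of OperationContext the observer needs.
struct OperationContext {
    std::optional<ClientAuth> auth;  // empty for the replication applier
    bool isPrimary;                  // replica-set role of this node
};

// Minimal model of an oplog entry as seen by an observer hook.
enum class OpType { Insert, Update, Delete };
struct OplogEvent {
    OpType op;
    std::string ns;     // full namespace "db.coll"
    std::string docId;  // _id of the affected document
};

struct AuditEvent {
    std::string action;  // e.g. "createUser", "updateRole"
    std::string target;  // _id of the user/role document
    std::string actor;   // authenticated client, or "<none>"
};

// Map a write to a privileged system collection onto an authorization audit
// action. Returns nullopt for writes that imply no auth audit event.
std::optional<std::string> auditActionFor(const OplogEvent& ev) {
    bool users = ev.ns == "admin.system.users";
    bool roles = ev.ns == "admin.system.roles";
    if (!users && !roles) return std::nullopt;
    const char* what = users ? "User" : "Role";
    switch (ev.op) {
        case OpType::Insert: return std::string("create") + what;
        case OpType::Update: return std::string("update") + what;
        case OpType::Delete: return std::string("drop") + what;
    }
    return std::nullopt;
}

// The observer hook, invoked from the catalog layer when a write is committed.
// It records an audit event only when (a) the write is auth-relevant and
// (b) this node is the primary; secondaries replaying the oplog stay silent.
class AuthOpObserver {
public:
    void onWrite(const OperationContext& opCtx, const OplogEvent& ev) {
        auto action = auditActionFor(ev);
        if (!action || !opCtx.isPrimary) return;
        std::string actor = opCtx.auth ? opCtx.auth->user + "@" + opCtx.auth->remote
                                       : std::string("<none>");
        log_.push_back({*action, ev.docId, actor});
    }
    const std::vector<AuditEvent>& log() const { return log_; }
private:
    std::vector<AuditEvent> log_;
};

// Worked scenario (constructed data): a primary handling a createUser command,
// a primary handling a raw update of a role document, an ordinary write, and a
// secondary applying the user insert from the oplog.
std::vector<AuditEvent> runScenario() {
    AuthOpObserver observer;
    OperationContext primaryCtx{ClientAuth{"admin.alice", "10.0.0.5:52110"}, true};
    OperationContext secondaryCtx{std::nullopt, false};  // applier: no client

    // 1. createUser on the primary -> insert into admin.system.users: audited.
    observer.onWrite(primaryCtx, {OpType::Insert, "admin.system.users", "admin.bob"});
    // 2. Direct CRUD write to system.roles on the primary: audited the same way.
    observer.onWrite(primaryCtx, {OpType::Update, "admin.system.roles", "admin.readAll"});
    // 3. Write to an ordinary collection on the primary: no auth audit event.
    observer.onWrite(primaryCtx, {OpType::Insert, "app.orders", "o1"});
    // 4. Secondary applying the same user insert from the oplog: not audited.
    observer.onWrite(secondaryCtx, {OpType::Insert, "admin.system.users", "admin.bob"});
    return observer.log();
}
```

The fourth step shows why the hook is gated on being primary: the replication applier carries no authenticated client, so an audit record emitted on a secondary would have no actor and the same change would otherwise be recorded once per node. Mapping on the oplog event rather than on the command also catches a direct write to `admin.system.users` that bypasses the User Management Commands.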
| Comments |
| Comment by Githook User [ 12/Feb/21 ] |
Author: {'name': 'sergey.galtsev', 'email': 'sergey.galtsev@mongodb.com', 'username': 'brushless-glitch'}
Message:
| Comment by Githook User [ 12/Feb/21 ] |
Author: {'name': 'sergey.galtsev', 'email': 'sergey.galtsev@mongodb.com', 'username': 'brushless-glitch'}
Message: