[SERVER-81284] Implement getAuthEnvironment for GRPCSession Created: 20/Sep/23  Updated: 18/Dec/23  Resolved: 18/Dec/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 7.3.0-rc0

Type: Improvement Priority: Major - P3
Reporter: Alex Li Assignee: Sara Golemon
Resolution: Fixed Votes: 0
Labels: auto-reverted
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Problem/Incident
Assigned Teams:
Service Arch
Backwards Compatibility: Fully Compatible
Sprint: Security 2023-12-25
Participants:
Linked BF Score: 147

 Description   

With the introduction of generic logging in SERVER-71100, the construction and access to RestrictionEnvironment is implemented by each Session in Session::getAuthEnvironment. The previous implementation of RestrictionEnvironment relies on SockAddrs which are used in CommonAsioSession.

This ticket involves figuring out how GRPCSession can fit into or work around the security related concepts such as RestrictionEnvironment.

Along with the implementation of Session::getAuthEnvironment, complete the linked TODO found in the enterprise modules by removing the cast to CommonAsioSession. The need for this cast came from the logging restrictions promised by audit logs to be a certain form for customer logging ingestion e.g.

{ ... , local: {ip: '127.0.0.1', port: 27017}, remote: {ip: '::1', port: 12345}, ... } 



 Comments   
Comment by Githook User [ 18/Dec/23 ]

Author:

{'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}

Message: SERVER-81284 Provide clientSource in GRPC::getRestrictionEnvironment

GitOrigin-RevId: 2a2eb2c9fa23f9f884b27353686b60af246d2d27
Branch: master
https://github.com/mongodb/mongo/commit/6a1b6a8dd49dbe8725630a0ec02591450e935f37

Comment by Githook User [ 15/Dec/23 ]

Author:

{'name': 'auto-revert-processor', 'email': 'dev-prod-dag@mongodb.com', 'username': ''}

Message: Revert "SERVER-81284 Provide clientSource in GRPC::getRestrictionEnvironment"

This reverts commit 153e5f66ecba43befeb5237c6fcaaa157e6617da.

GitOrigin-RevId: e125d192f8d69b85c2db91aadf978d1a3aa27686
Branch: master
https://github.com/mongodb/mongo/commit/ac0e21f2173af06a3b22f4641a844ef71fedadca

Comment by Githook User [ 15/Dec/23 ]

Author:

{'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}

Message: SERVER-81284 Provide clientSource in GRPC::getRestrictionEnvironment

GitOrigin-RevId: 153e5f66ecba43befeb5237c6fcaaa157e6617da
Branch: master
https://github.com/mongodb/mongo/commit/58602fc6be7465e557b98940fb354ace7b9cf056

Generated at Thu Feb 08 06:46:04 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.