[SERVER-8231] Unauthorized ops will only be logged when connection is not auth to any db Created: 18/Jan/13 Updated: 08/Mar/13 Resolved: 13/Feb/13 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Logging, Security |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Randolph Tan | Assignee: | Spencer Brody (Inactive) |
| Resolution: | Cannot Reproduce | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Operating System: | ALL | ||||
| Participants: | |||||
| Description |
|
Unauthorized ops will show up if the current client is not logged to any db (shows assert 16554). If the user is logged in to a db and tries to perform ops on another db which it is not authorized, no log will show up unless the verbosity is cranked up to at least level 1 (show assertion 16550). The behavior is inconsistent and can be misleading especially for users who intend to use logUserIds=1. |
| Comments |
| Comment by Randolph Tan [ 13/Feb/13 ] |
|
Rerun the same test script again and cannot reproduce the bug. |