Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Unresolved
Priority: Major - P3
Fix Version/s: features we're not sure of
Affects Version/s: 3.0.0
Component/s: Security
Labels:
- former-quick-wins

Assigned Teams:

Server Security

We should investigate whether we want to log to the audit log when a user attempts to authenticate with a nonexistent auth mechanism, for example:

> db.auth({user:"amalia", pwd:"123456", mechanism:"fake"});

This currently does not log to the audit log, and we may wish to change that behavior.

is related to

SERVER-17507 MongoDB3 enterprise AuditLog

Closed

Assignee:: [DO NOT USE] Backlog - Security Team

Reporter:: Amalia Hawkins

Participants:: [DO NOT USE] Backlog - Security Team, Amalia Hawkins

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: Mar 09 2015 07:16:58 PM UTC

Updated:: Dec 06 2022 04:55:00 AM UTC