Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Won't Do
Priority: Major
Fix Version/s: Morpheus
Affects Version/s: Morpheus, 6.6.4, 7.0.3, 7.1.0
Component/s: ns_server
Labels:
- ns_server-straightforward

Triage:
Triaged
Story Points:
1
Is this a Regression?:
Unknown

Description

Because the response on the first stage of SCRAM-SHA authentication is always 401. The second stage request built using headers from the first stage response is the one that should be audited.

We still should log 401 to the access log though.

As seen in CBSE-11753

Attachments

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Steve Watanabe

Reporter:: Artem Stemkovski

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 06/Apr/22 4:48 PM

Updated:: 05/Jan/23 11:07 AM

Resolved:: 05/Jan/23 11:07 AM

Gerrit Reviews

There are no open Gerrit changes

We should not audit log the auth failure of the first stage SCRAM-SHA request

Details

Description

Attachments

Gerrit Reviews

Activity

People

Dates

Gerrit Reviews

PagerDuty