[jira] [Commented] (QPID-8124) [Broker-J][REST] Sucessfully authenticated user is reported as <> in ACL operational logs when checking access to management

Tue, 20 Mar 2018 07:54:38 -0700 

    [ 
https://issues.apache.org/jira/browse/QPID-8124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16406445#comment-16406445
 ] 

ASF subversion and git services commented on QPID-8124:
-------------------------------------------------------

Commit 957f7eda039eb165aa2f75ab5f3afddbaefac87e in qpid-broker-j's branch 
refs/heads/master from [~alex.rufous]
[ https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=957f7ed ]

QPID-8124: [Broker-J] Fix ACL logging on checking web management console access 
after REST SASL authentication


> [Broker-J][REST] Sucessfully authenticated user is reported as <<UNKNOWN>> in 
> ACL operational logs when checking access to management
> -------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: QPID-8124
>                 URL: https://issues.apache.org/jira/browse/QPID-8124
>             Project: Qpid
>          Issue Type: Bug
>          Components: Broker-J
>    Affects Versions: qpid-java-broker-7.0.2, qpid-java-broker-7.0.0, 
> qpid-java-broker-7.0.1
>            Reporter: Alex Rudyy
>            Assignee: Alex Rudyy
>            Priority: Major
>             Fix For: qpid-java-broker-7.0.3
>
>
> When user is successfully authenticated, the user information  in operational 
> log for checking management access is reported as <<UNKNOWN>> for both 
> Allowed and Denied outcomes:
> {noformat}
> INFO  [qtp1675859208-228] (q.m.a.denied) - <<UNKNOWN>> ACL-1002 : Denied : 
> Access Management 
> INFO  [qtp1675859208-64] (q.m.a.allowed) - <<UNKNOWN>> ACL-1001 : Allowed : 
> Access Management 
> INFO  [qtp1675859208-64] (q.m.m.open) - 
> [mng:nyXoe7Io(admin@/127.0.0.1:45666)] MNG-1007 : Open : User admin
> {noformat}
> As result, it is impossible to identify the principal name of authenticated 
> user in operational log when access is denied. 
> Thought, it is possible to get the principal name for "allowed" outcome by 
> looking into the following logs from the same thread, it would be beneficial 
> to print the real principal information in the log for Allowed outcome.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to