[
https://issues.apache.org/jira/browse/QPID-8124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16406639#comment-16406639
]
Keith Wall commented on QPID-8124:
----------------------------------
Changes look reasonable to me. Verified both the interactive and preemptive
authentication paths.
> [Broker-J][REST] Sucessfully authenticated user is reported as <<UNKNOWN>> in
> ACL operational logs when checking access to management
> -------------------------------------------------------------------------------------------------------------------------------------
>
> Key: QPID-8124
> URL: https://issues.apache.org/jira/browse/QPID-8124
> Project: Qpid
> Issue Type: Bug
> Components: Broker-J
> Affects Versions: qpid-java-broker-7.0.2, qpid-java-broker-7.0.0,
> qpid-java-broker-7.0.1
> Reporter: Alex Rudyy
> Assignee: Alex Rudyy
> Priority: Major
> Fix For: qpid-java-broker-7.0.3
>
>
> When user is successfully authenticated, the user information in operational
> log for checking management access is reported as <<UNKNOWN>> for both
> Allowed and Denied outcomes:
> {noformat}
> INFO [qtp1675859208-228] (q.m.a.denied) - <<UNKNOWN>> ACL-1002 : Denied :
> Access Management
> INFO [qtp1675859208-64] (q.m.a.allowed) - <<UNKNOWN>> ACL-1001 : Allowed :
> Access Management
> INFO [qtp1675859208-64] (q.m.m.open) -
> [mng:nyXoe7Io(admin@/127.0.0.1:45666)] MNG-1007 : Open : User admin
> {noformat}
> As result, it is impossible to identify the principal name of authenticated
> user in operational log when access is denied.
> Thought, it is possible to get the principal name for "allowed" outcome by
> looking into the following logs from the same thread, it would be beneficial
> to print the real principal information in the log for Allowed outcome.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
