Hi, We’re using Artemis 2.11.0 running on Red Hat 8 in a pod. We use the TextFileCertificateLoginModule for authentication, which has been working well for us. We are configured only for the AMQP acceptor using amqps on port 5671.
My question is about the audit log output from the logger with name org.apache.activemq.audit.base. In this output, we see only the anonymous user principal having actions logged - for instance, a lot of “User anonymous is creating address/creating a queue/etc” type output, when an authenticated client is performing those actions. We would like to be able to trace the activity back to the authenticated subject. I am pretty sure that the login module itself is working fine and is returning a valid UserPrincipal in the subject, as I can add the populate-validated-user configuration and subsequently I see the client name in the incoming messages as a message header. I wanted to ask: - Should the subject username be getting logged in the audit logs, or is that name coming from some unexpected place? - Is there some other place to configure the subject name that gets logged, or is there some reason the text file login module will definitely not work for this purpose? - I saw ARTEMIS-2648 was filed to improve audit logging in general: if this is a known issue, would that issue resolve this? Thanks very much, Steve
