I am noticing the same thing in 5.2.3.


On Monday, March 5, 2018 at 7:33:52 AM UTC-8, Olivier wrote:
>
> Has this already been fixed in the CAS release 5.2.3?
>
> On Tuesday, January 23, 2018 at 5:38:15 AM UTC-5, Oscar del Pozo wrote:
>>
>> There is a bug in the module inspektr-audit-1.7.1.GA when an Exception 
>> is thrown in an authentication process that ends up logging the 
>> authentication as successful:
>>
>> Logs:
>>
>>> 2018-01-23 11:18:18,583 ERROR [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [org.apereo.cas.authentication.principal.ClientCredential@77d80cf8[id=<null>]] of type [ClientCredential].>
>>> 2018-01-23 11:18:57,038 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
>>> =============================================================
>>> WHO: null
>>> WHAT: Supplied credentials: [org.apereo.cas.authentication.principal.ClientCredential@77d80cf8[id=<null>]]
>>> ACTION: AUTHENTICATION_SUCCESS
>>> APPLICATION: CAS
>>> WHEN: Tue Jan 23 11:18:57 CET 2018
>>> CLIENT IP ADDRESS: 192.168.56.1
>>> SERVER IP ADDRESS: 192.168.56.1
>>> =============================================================
>>
>>
>> The bug is located at 
>> *org.apereo.inspektr.audit.AuditTrailManagementAspect@handleAuditTrail(final 
>> ProceedingJoinPoint joinPoint, final Audit audit) throws Throwable*:
>>
>>     @Around(value = "@annotation(audit)", argNames = "audit")
>>     public Object handleAuditTrail(final ProceedingJoinPoint joinPoint, final Audit audit) throws Throwable {
>>         final AuditActionResolver auditActionResolver = this.auditActionResolvers.get(audit.actionResolverName());
>>         final AuditResourceResolver auditResourceResolver = this.auditResourceResolvers.get(audit.resourceResolverName());
>>
>>         String currentPrincipal = null;
>>         String[] auditResource = new String[]{null};
>>         String action = null;
>>         Object retVal = null;
>>         try {
>>             retVal = joinPoint.proceed();
>>
>>             currentPrincipal = this.auditPrincipalResolver.resolveFrom(joinPoint, retVal);
>>             auditResource = auditResourceResolver.resolveFrom(joinPoint, retVal);
>>             action = auditActionResolver.resolveFrom(joinPoint, retVal, audit);
>>
>>             return retVal;
>>         } catch (final Throwable e) {
>>             currentPrincipal = this.auditPrincipalResolver.resolveFrom(joinPoint, e);
>>             auditResource = auditResourceResolver.resolveFrom(joinPoint, e);
>>             action = auditActionResolver.resolveFrom(joinPoint, e, audit);
>>             throw e;
>>         } finally {
>>             executeAuditCode(currentPrincipal, auditResource, joinPoint, retVal, action, audit);
>>         }
>>     }
>>
>> The problem here is that the auditActionResolver has two methods:
>>
>> String resolveFrom(JoinPoint auditableTarget, Object retval, Audit audit);
>>
>> String resolveFrom(JoinPoint auditableTarget, Exception exception, Audit audit);
>>
>> When we try to invoke the second one, we have to cast the exception e so 
>> that we do not enter the first method, where the success suffix will be 
>> applied to the audit log.
>>
>> To fix this, the catch block should be
>>
>>         } catch (final Throwable e) {
>>             currentPrincipal = this.auditPrincipalResolver.resolveFrom(joinPoint, e);
>>             auditResource = auditResourceResolver.resolveFrom(joinPoint, e);
>>             action = auditActionResolver.resolveFrom(joinPoint, (Exception) e, audit);
>>             throw e;
>>         }
>>
>> I would make a pull request, but I haven't found the source code on 
>> GitHub.
>>
>
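
Why the catch block quoted above ends up on the success path, as an added example that is not part of the original thread and is not inspektr code: Java selects an overload from the compile-time type of the argument, so a variable declared as `Throwable` can only match the `Object` overload. The class name, method bodies and the failure label are assumptions; the `guarded` variant goes beyond the post to cover a `Throwable` that is not an `Exception`.

```java
// Added illustration; names and return values are hypothetical, not inspektr's.
public class OverloadAuditDemo {

    // Same two-overload shape as the resolver quoted in the thread.
    static String resolveFrom(Object retval) {
        return "AUTHENTICATION_SUCCESS";
    }

    static String resolveFrom(Exception exception) {
        return "AUTHENTICATION_FAILED"; // constructed failure label
    }

    // Shape of the reported catch block: 'e' has static type Throwable.
    static String asReported(Throwable e) {
        // Throwable is not a subtype of Exception, so resolveFrom(Object)
        // is the only applicable overload, whatever the runtime class is.
        return resolveFrom(e);
    }

    // The cast proposed in the thread: selects resolveFrom(Exception), but
    // throws ClassCastException if 'e' is an Error, replacing the original.
    static String withCast(Throwable e) {
        return resolveFrom((Exception) e);
    }

    // Variant that records a failure for any Throwable without throwing
    // from the audit path itself.
    static String guarded(Throwable e) {
        return resolveFrom(e instanceof Exception ? (Exception) e : new RuntimeException(e));
    }

    public static void main(String[] args) {
        Throwable badCredentials = new IllegalStateException("constructed failure");
        Throwable fatal = new StackOverflowError("constructed error");

        System.out.println("as reported: " + asReported(badCredentials));
        System.out.println("with cast:   " + withCast(badCredentials));
        System.out.println("guarded:     " + guarded(fatal));
        try {
            withCast(fatal);
        } catch (ClassCastException cce) {
            System.out.println("with cast on an Error: ClassCastException");
        }
    }
}
```

When reviewing audit records from an affected deployment, an `AUTHENTICATION_SUCCESS` entry with `WHO: null` that follows an authentication ERROR line, as in the logs quoted above, is the signature of this mislabelling.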
