[
https://issues.apache.org/jira/browse/CASSANDRA-19669?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17853820#comment-17853820
]
Francisco Guerrero commented on CASSANDRA-19669:
------------------------------------------------
I'm uploading the updated CI results after rebase: ci_summary-2.html
> Audit Log entries are missing identity for mTLS connections
> -----------------------------------------------------------
>
> Key: CASSANDRA-19669
> URL: https://issues.apache.org/jira/browse/CASSANDRA-19669
> Project: Cassandra
> Issue Type: Bug
> Components: Local/Config
> Reporter: Francisco Guerrero
> Assignee: Francisco Guerrero
> Priority: Normal
> Fix For: 5.1
>
> Attachments: ci_summary-1.html, ci_summary-2.html, ci_summary.html
>
> Time Spent: 3h 20m
> Remaining Estimate: 0h
>
> Audit log entries are missing the {{IDENTITY}} when an mTLS connection is
> established. Currently, the client state is captured as part of the audit log
> entries, however the additional metadata for the authenticated user does not
> get propagated to the entry. For the mTLS connections, this means that the
> identity information is not included to the log entry details.
> Additionally, when a TLS connection is terminated during handshake (say a
> client is using an expired certificate) the error is not propagated to the
> audit log failure attempts.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
