[PR] KNOX-3102 - Complete Auditing in RemoteAuthProvider [knox]

Thu, 27 Feb 2025 21:01:30 -0800 


lmccay opened a new pull request, #999:
URL: https://github.com/apache/knox/pull/999

   ## What changes were proposed in this pull request?
   
   The initial implementation of the RemoteAuthProvider only has the initial 
access level audit. We need to add not only the result of the authentication 
attempt but also add the correlation id for the audit entries to the call to 
the remote auth service so that the audit logs can be correlated.
   
   ## How was this patch tested?
   
   Added new unit tests and ran all existing tests.
   Manually tested with a single instance and traced the call from through the 
initial topology and the "remote" endpoint. Note the correlation id is the same 
for all of the entries. This will follow across instances as well.
   
   
   ```
   25/02/27 23:53:15 
||9f67555c-6561-40fb-ad39-6fa8ac4fa1f9|audit|[0:0:0:0:0:0:0:1]|KNOXTOKEN||||access|uri|/gateway/tokengen/knoxtoken/api/v1/token|unavailable|Request
 method: GET
   25/02/27 23:53:15 
||9f67555c-6561-40fb-ad39-6fa8ac4fa1f9|audit|127.0.0.1|KNOX-AUTH-SERVICE||||access|uri|/gateway/sandbox/auth/api/v1/pre|unavailable|Request
 method: GET
   25/02/27 23:53:15 
||9f67555c-6561-40fb-ad39-6fa8ac4fa1f9|audit|127.0.0.1|KNOX-AUTH-SERVICE|guest|||authentication|uri|/gateway/sandbox/auth/api/v1/pre|success|
   25/02/27 23:53:15 
||9f67555c-6561-40fb-ad39-6fa8ac4fa1f9|audit|127.0.0.1|KNOX-AUTH-SERVICE|guest|||authentication|uri|/gateway/sandbox/auth/api/v1/pre|success|Groups:
 []
   25/02/27 23:53:15 
||9f67555c-6561-40fb-ad39-6fa8ac4fa1f9|audit|127.0.0.1|KNOX-AUTH-SERVICE|guest|||identity-mapping|principal|guest|success|Groups:
 []
   25/02/27 23:53:15 
||9f67555c-6561-40fb-ad39-6fa8ac4fa1f9|audit|127.0.0.1|KNOX-AUTH-SERVICE|guest|||access|uri|/gateway/sandbox/auth/api/v1/pre|success|Response
 status: 200
   25/02/27 23:53:15 
||9f67555c-6561-40fb-ad39-6fa8ac4fa1f9|audit|[0:0:0:0:0:0:0:1]|KNOXTOKEN|guest|||authentication|uri|/gateway/tokengen/knoxtoken/api/v1/token|success|
   25/02/27 23:53:15 
||9f67555c-6561-40fb-ad39-6fa8ac4fa1f9|audit|[0:0:0:0:0:0:0:1]|KNOXTOKEN|guest|||identity-mapping|principal|guest|success|Groups:
 []
   25/02/27 23:53:15 
||9f67555c-6561-40fb-ad39-6fa8ac4fa1f9|audit|[0:0:0:0:0:0:0:1]|KNOXTOKEN|guest|||access|uri|/gateway/tokengen/knoxtoken/api/v1/token|success|Response
 status: 200
   ```
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@knox.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to