[jira] [Work logged] (KNOX-3102) Complete Auditing in RemoteAuthProvider

Fri, 28 Feb 2025 12:46:48 -0800 


     [ 
https://issues.apache.org/jira/browse/KNOX-3102?focusedWorklogId=959509&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-959509
 ]

ASF GitHub Bot logged work on KNOX-3102:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 28/Feb/25 18:18
            Start Date: 28/Feb/25 18:18
    Worklog Time Spent: 10m 
      Work Description: moresandeep commented on code in PR #999:
URL: https://github.com/apache/knox/pull/999#discussion_r1975842988


##########
gateway-provider-security-authc-remote/src/main/java/org/apache/knox/gateway/filter/RemoteAuthFilter.java:
##########
@@ -70,8 +71,11 @@ public class RemoteAuthFilter implements Filter {
   private static final String CONFIG_USER_HEADER = "remote.auth.user.header";
   private static final String CONFIG_GROUP_HEADER = "remote.auth.group.header";
   private static final String DEFAULT_CONFIG_USER_HEADER = "X-Knox-Actor-ID";
-  private static final String DEFAULT_CONFIG_GROUP_HEADER = 
"X-Knox-Actor-Groups-*";
+  private static final String DEFAULT_CONFIG_GROUP_HEADER = 
"X-Knox-Actor-Groups-1";

Review Comment:
   Shouldn't this property `X-Knox-Actor-Groups-*` ?





Issue Time Tracking
-------------------

    Worklog Id:     (was: 959509)
    Time Spent: 20m  (was: 10m)

> Complete Auditing in RemoteAuthProvider
> ---------------------------------------
>
>                 Key: KNOX-3102
>                 URL: https://issues.apache.org/jira/browse/KNOX-3102
>             Project: Apache Knox
>          Issue Type: Improvement
>          Components: Server
>            Reporter: Larry McCay
>            Assignee: Larry McCay
>            Priority: Major
>             Fix For: 2.2.0
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> The initial implementation of the RemoteAuthProvider only has the initial 
> access level audit. We need to add not only the result of the authentication 
> attempt but also add the correlation id for the audit entries to the call to 
> the remote auth service so that the audit logs can be correlated. Perhaps, we 
> extend the correlation id that is passed so that we can tell it is part of a 
> larger interaction. This needs discussion.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to