Alex Rudyy created QPID-8124:
--------------------------------
Summary: [Broker-J][REST] Sucessfully authenticated user is
reported as <<UNKNOWN>> in ACL operational logs when checking access to
management
Key: QPID-8124
URL: https://issues.apache.org/jira/browse/QPID-8124
Project: Qpid
Issue Type: Bug
Components: Broker-J
Affects Versions: qpid-java-broker-7.0.1, qpid-java-broker-7.0.0,
qpid-java-broker-7.0.2
Reporter: Alex Rudyy
When user is successfully authenticated, the user subject of operational log
for checking management access is reported as <<UNKNOWN>> with both Allowed and
Denied outcomes:
{noformat}
INFO [qtp1675859208-228] (q.m.a.denied) - <<UNKNOWN>> ACL-1002 : Denied :
Access Management
INFO [qtp1675859208-64] (q.m.a.allowed) - <<UNKNOWN>> ACL-1001 : Allowed :
Access Management
INFO [qtp1675859208-64] (q.m.m.open) - [mng:nyXoe7Io(admin@/127.0.0.1:45666)]
MNG-1007 : Open : User admin
{noformat}
As result, it is impossible to identify the principal name of authenticated
user in operational log when access is denied.
Thought, it is possible to get the principal name for "allowed" outcome by
looking into the following logs from the same thread, it would be beneficial to
print the real principal information in the log for Allowed outcome.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
