Justin Bertram created ARTEMIS-5869:
---------------------------------------
Summary: Clarify initial connection audit logging
Key: ARTEMIS-5869
URL: https://issues.apache.org/jira/browse/ARTEMIS-5869
Project: Artemis
Issue Type: Task
Reporter: Justin Bertram
Assignee: Justin Bertram
In ARTEMIS-4210 the audit logger introduced connection created/destroyed
events. The connection created event always uses "unknown" as the user instead
of real user name, e.g.:
{noformat}
2024-12-06 07:39:06,299 [AUDIT](Thread-3 (activemq-netty-threads)) AMQ601767:
OPENWIRE connection 8d8654f5 for user [email protected]:39678 created{noformat}
At the point where this audit logging takes place the broker has inspected the
first handful of bytes from the network so it knows what messaging protocol is
being used and where the connection came from, but the full packet hasn't been
parsed so the user information isn't yet available. We definitely don't want to
add any additional parsing here as this is on the hot path for every
connection. "Unknown" was hard-coded into the log message in order to be
consistent with the rest of the audit logging. However, it's confusing so it
should be removed and something like this should be logged instead:
{noformat}
2024-12-06 07:39:06,299 [AUDIT](Thread-3 (activemq-netty-threads)) AMQ601767:
OPENWIRE connection 8d8654f5 from 127.0.0.1:39678 created{noformat}
To be clear, the connection ID is also logged here as well as in the
authentication audit messages so these messages can be correlated. In other
words, it has always been (and always will be) possible to determine the
connection's actual user from the audit logs.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
