[
https://issues.apache.org/jira/browse/ARTEMIS-5869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18055543#comment-18055543
]
ASF subversion and git services commented on ARTEMIS-5869:
----------------------------------------------------------
Commit 6ed024d4adca5236b9c443b169773a27de1eea03 in artemis's branch
refs/heads/main from Justin Bertram
[ https://gitbox.apache.org/repos/asf?p=artemis.git;h=6ed024d4ad ]
ARTEMIS-5869 clarify initial connection audit logging
> Clarify initial connection audit logging
> ----------------------------------------
>
> Key: ARTEMIS-5869
> URL: https://issues.apache.org/jira/browse/ARTEMIS-5869
> Project: Artemis
> Issue Type: Task
> Reporter: Justin Bertram
> Assignee: Justin Bertram
> Priority: Major
> Labels: pull-request-available
> Time Spent: 20m
> Remaining Estimate: 0h
>
> In ARTEMIS-4210 the audit logger introduced connection created/destroyed
> events. The connection created event always uses "unknown" as the user
> instead of real user name, e.g.:
> {noformat}
> 2024-12-06 07:39:06,299 [AUDIT](Thread-3 (activemq-netty-threads)) AMQ601767:
> OPENWIRE connection 8d8654f5 for user [email protected]:39678
> created{noformat}
> At the point where this audit logging takes place the broker has inspected
> the first handful of bytes from the network so it knows what messaging
> protocol is being used and where the connection came from, but the full
> packet hasn't been parsed so the user information isn't yet available. We
> definitely don't want to add any additional parsing here as this is on the
> hot path for every connection. "Unknown" was hard-coded into the log message
> in order to be consistent with the rest of the audit logging. However, it's
> confusing so it should be removed and something like this should be logged
> instead:
> {noformat}
> 2024-12-06 07:39:06,299 [AUDIT](Thread-3 (activemq-netty-threads)) AMQ601767:
> OPENWIRE connection 8d8654f5 from 127.0.0.1:39678 created{noformat}
> To be clear, the connection ID is also logged here as well as in the
> authentication audit messages so these messages can be correlated. In other
> words, it has always been (and always will be) possible to determine the
> connection's actual user from the audit logs.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
