Jan Høydahl created SOLR-13840:
----------------------------------
Summary: AuditLogger issues with REJECTED state due to wrong PW
Key: SOLR-13840
URL: https://issues.apache.org/jira/browse/SOLR-13840
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Components: Auditlogging
Reporter: Jan Høydahl
Assignee: Jan Høydahl
Spinoff from SOLR-13741
When a REJECTED event is generated from SolrDispatchFilter on failed
authentication, we only have the {{HttpServletRequest}} as input, no
SolrParams, Principal etc. In this case we parse "resource" from contextPath,
while we should use {{getPathInfo()}}. Also, we fail to detect admin requests
as such and get UNKNOWN instead. Lastly, the {{solrParams}} part of
{{AuditEvent}} is not filled at all from in this case, while we could have
filled it with the parameters in the request.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
