[
https://issues.apache.org/jira/browse/LOG4J2-2417?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16617445#comment-16617445
]
ASF GitHub Bot commented on LOG4J2-2417:
----------------------------------------
GitHub user andrei-ivanov opened a pull request:
https://github.com/apache/logging-log4j-audit/pull/7
[LOG4J2-2417]
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/andrei-ivanov/logging-log4j-audit LOG4J2-2417
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/logging-log4j-audit/pull/7.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #7
----
commit 882d45a05b51d24a40fda2659b0c02d877e90f24
Author: Andrei Ivanov <andrei.ivanov@...>
Date: 2018-09-17T11:52:45Z
[LOG4J2-2417] fix access of optional annotations
commit 3e3bf9d34f5468d474924c2a07e8865893831347
Author: Andrei Ivanov <andrei.ivanov@...>
Date: 2018-09-17T11:57:59Z
[LOG4J2-2417] reuse maxLength extraction routine
commit 02529bb74a58b87643867c2df7731b402f9f5f86
Author: Andrei Ivanov <andrei.ivanov@...>
Date: 2018-09-17T12:10:06Z
[LOG4J2-2417] handle null properties
commit d98904d92329b7ffe2da5e59830d09200528c875
Author: Andrei Ivanov <andrei.ivanov@...>
Date: 2018-09-17T12:29:04Z
[LOG4J2-2420] allow events without attributes
----
> Better handling of optional properties
> --------------------------------------
>
> Key: LOG4J2-2417
> URL: https://issues.apache.org/jira/browse/LOG4J2-2417
> Project: Log4j 2
> Issue Type: Bug
> Components: Log4j-Audit
> Affects Versions: Log4j-Audit 1.0.0
> Reporter: Andrei Ivanov
> Assignee: Ralph Goers
> Priority: Minor
>
> The Log4j-Audit project page indicates this as the place to file tickets, but
> I don't see the 1.0.0 version for it.
> Investigating the use of the project, I started with a basic `catalog.json`,
> with just an event and 2 attributes, both with {{requestContext = false}}.
> {noformat}
> java.lang.NullPointerException
> at
> org.apache.logging.log4j.audit.LogEventFactory.validateContextConstraint(LogEventFactory.java:385)
> at
> org.apache.logging.log4j.audit.LogEventFactory.validateContextConstraints(LogEventFactory.java:380)
> at
> org.apache.logging.log4j.audit.LogEventFactory.access$400(LogEventFactory.java:57)
> at
> org.apache.logging.log4j.audit.LogEventFactory$AuditProxy.invoke(LogEventFactory.java:263)
> {noformat}
> As far as I understand, request context attributes are not required.
> ??While usage of a RequestContext is not required, the use of one should be
> considered a best practice.??
> Also, AFAIU, the event attributes should also be optional, there's even a
> test event *login* like that.
> Also the code seems to indicate that {{@MaxLength}} should also be optional,
> same as {{@RequestContext}}.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
