[jboss-jira] [JBoss JIRA] (WFLY-2891) Not authorised write operation does not get audit logged if log-read-only="false"

Kabir Khan (JIRA) issues at jboss.org
Mon Feb 10 07:43:28 EST 2014


Kabir Khan created WFLY-2891:
--------------------------------

             Summary: Not authorised write operation does not get audit logged if log-read-only="false"
                 Key: WFLY-2891
                 URL: https://issues.jboss.org/browse/WFLY-2891
             Project: WildFly
          Issue Type: Bug
      Security Level: Public (Everyone can see)
    Affects Versions: 8.0.0.CR1
            Reporter: Kabir Khan
             Fix For: 8.0.1.Final


This is because audit logging uses the controller lock to find out if the model was a write operation. If RBAC is enabled and an operation is not authorised, the error happens before the controller lock is taken. So if audit log log-read-only="false", the failed operation does not get logged.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
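
The ordering described in the issue above, as a simplified model added here for illustration. It is not WildFly source code and not the project's fix; all class and method names are hypothetical, the operations are constructed samples, and the "declared kind" variant is an assumed alternative shown only for contrast.

```java
import java.util.ArrayList;
import java.util.List;

// Simplified model of the ordering described in WFLY-2891. All class and method
// names are hypothetical; this is not WildFly source code.
public class AuditOrderingModel {
    static boolean lockTaken;                       // stands in for the controller lock
    static final List<String> auditLog = new ArrayList<>();

    // Audit handler as described: "write" is inferred from whether the lock was taken.
    static void auditByLockState(String op, boolean logReadOnly, String outcome) {
        boolean readOnly = !lockTaken;
        if (readOnly && !logReadOnly) return;       // read-only records are skipped
        auditLog.add(op + " -> " + outcome);
    }

    // Alternative (assumption, not the project's fix): use the operation's declared kind.
    static void auditByDeclaredKind(String op, boolean declaredWrite,
                                    boolean logReadOnly, String outcome) {
        if (!declaredWrite && !logReadOnly) return;
        auditLog.add(op + " -> " + outcome);
    }

    static void execute(String op, boolean declaredWrite, boolean authorised,
                        boolean logReadOnly, boolean useDeclaredKind) {
        lockTaken = false;
        String outcome;
        if (!authorised) {
            outcome = "failed (not authorised)";    // RBAC rejects before the lock is taken
        } else {
            if (declaredWrite) lockTaken = true;    // only authorised writes reach the lock
            outcome = "success";
        }
        if (useDeclaredKind) auditByDeclaredKind(op, declaredWrite, logReadOnly, outcome);
        else auditByLockState(op, logReadOnly, outcome);
    }

    public static void main(String[] args) {
        // Constructed operations, log-read-only="false" throughout.
        execute("write-attribute", true, true, false, false);   // authorised write: logged
        execute("write-attribute", true, false, false, false);  // denied write: looks read-only, dropped
        execute("read-resource", false, true, false, false);    // read: skipped as configured
        System.out.println("lock-state audit:    " + auditLog);
        auditLog.clear();
        execute("write-attribute", true, false, false, true);   // denied write is recorded
        System.out.println("declared-kind audit: " + auditLog);
    }
}
```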

