[jboss-jira] [JBoss JIRA] (WFCORE-2978) Verify that WFCORE-2923 fix is valid
ehsavoie Hugonnet (JIRA)
issues at jboss.org
Tue Jun 20 03:19:00 EDT 2017
[ https://issues.jboss.org/browse/WFCORE-2978?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
ehsavoie Hugonnet updated WFCORE-2978:
--------------------------------------
Summary: Verify that WFCORE-2923 fix is valid (was: Verify that JBEAP-11343 fix is valid)
> Verify that WFCORE-2923 fix is valid
> -------------------------------------
>
> Key: WFCORE-2978
> URL: https://issues.jboss.org/browse/WFCORE-2978
> Project: WildFly Core
> Issue Type: Bug
> Components: Logging, Security
> Reporter: ehsavoie Hugonnet
> Assignee: ehsavoie Hugonnet
> Priority: Blocker
>
> [1:39 PM] Emmanuel Hugonnet: @BrianStansberry hi, could you take a look at https://github.com/wildfly/wildfly-core/pull/2514
> [1:40 PM] Emmanuel Hugonnet: I've a bit of a doubt because i couldn't create a dependency on the credentialstore since auditlog handlers are not services
> [1:41 PM] Brian Stansberry: ok. it does seem a bit nasty because of that
> [1:41 PM] Brian Stansberry: at a glance
> [1:41 PM] Emmanuel Hugonnet: yes
> [1:41 PM] Brian Stansberry: a very quick glance
> [1:42 PM] Brian Stansberry: ah , but SyslogAuditLogHandler is not an OSH so I won't comment until I really understand :)
> [1:43 PM] Emmanuel Hugonnet: yes ;)
> [2:04 PM] Brian Stansberry: I don't think that will be reliable; there's no guarantee that store will be started
> [2:07 PM] Kabir Khan: I don't think the syslog handler tries to write until boot is done
> [2:07 PM] Kabir Khan: could it be possible to lazy init those suppliers?
> [2:11 PM] Emmanuel Hugonnet: I guess we would only need the attribute value and a serviceregistry
> [2:12 PM] Emmanuel Hugonnet: I'm wondering if this is not lazy per default
> [2:12 PM] Emmanuel Hugonnet: as the service is only called when the credential is required as far as I can see
> [2:13 PM] Brian Stansberry: yes, it is lazy
> [2:43 PM] Kabir Khan: @ehsavoie I think the problem @BrianStansberry mentions is whether the services have stabilised so the CR is ready by the time the syslog write happens
> [2:44 PM] Emmanuel Hugonnet: @KabirKhan yes but I don't have any service in the audit log tree to be able to require for the CR to be ready
> [2:45 PM] Kabir Khan: @ehsavoie I can try to discuss it on the pm call, perhaps we can do without it for the beta
> [2:47 PM] Emmanuel Hugonnet: or I could add a service to get this one on
> [2:48 PM] Emmanuel Hugonnet: a bit like what is done for security realms
> [2:53 PM] Kabir Khan: That could be good for the future, but I think for Beta it should be ok as it is
> [2:57 PM] Brian Stansberry: @KabirKhan @ehsavoie +1
> [2:57 PM] Brian Stansberry: I think it is fine at boot as no logging will happen until MSC has stabilized
> [2:57 PM] Brian Stansberry: and probably post boot too
> [2:57 PM] Emmanuel Hugonnet: well the boot test is ok
> [2:58 PM] Kabir Khan: but we should have a blocker jira to investigate whether our assumptions are correct
> [2:58 PM] Emmanuel Hugonnet: ok
> [2:58 PM] Brian Stansberry: the scenario is a management op adds the credential store and the syslog handler, and then the syslog handler wants to log before the store service is up
> [2:58 PM] Brian Stansberry: but, for audit logging we don't log until op commit/rollback
> [2:58 PM] Brian Stansberry: and by then MSC is going to be stablized
> [3:06 PM] Kabir Khan: that should be: 'we think we don't log', so that needs checking :)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list