[jboss-jira] [JBoss JIRA] (WFCORE-2755) Elytron Audit Logging: rotating-file-audit-log's event timestamp lacks information about seconds
Jan Tymel (JIRA)
issues at jboss.org
Mon May 15 03:18:00 EDT 2017
[ https://issues.jboss.org/browse/WFCORE-2755?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jan Tymel updated WFCORE-2755:
------------------------------
Steps to Reproduce:
These steps could be followed in order to get a few records in Audit Log file:
# Follow steps _Configure Elytron (default profile)_ in [blog post|http://javlog.cacek.cz/2017/01/enable-elytron-in-wildfly.html] in order to change default configuration to Elytron
# (Optionally) Add user via add-user.sh (as Application User)
# Start server and deploy war attached to WFCORE-2625 (containing servlet secured with BASIC HTTP auth)
# (Optionally) see the format of _file-audit-log_ resource
## Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password
## Check _JBOSS_HOME/standalone/log/audit.log_
# Add _rotating-file-audit-log_ {{/subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log,relative-to=jboss.server.log.dir,suffix=y-M-d)}}
# Use added security-event-listener in ApplicationDomain {{/subsystem=elytron/security-domain=ApplicationDomain:write-attribute(name=security-event-listener,value=rotating-audit)}}
# Reload server {{:reload}}
# Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password
# Check _JBOSS_HOME/standalone/log/rotating-audit.log_
was:
These steps could be followed in order to get a few records in Audit Log file:
# Follow steps _Configure Elytron (default profile)_ in [blog post|http://javlog.cacek.cz/2017/01/enable-elytron-in-wildfly.html] in order to change default configuration to Elytron
# (Optionally) Add user via add-user.sh (as Application User)
# Start server and deploy attached war (containing servlet secured with BASIC HTTP auth)
# (Optionally) see the format of _file-audit-log_ resource
## Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password
## Check _JBOSS_HOME/standalone/log/audit.log_
# Add _rotating-file-audit-log_ {{/subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log,relative-to=jboss.server.log.dir,suffix=y-M-d)}}
# Use added security-event-listener in ApplicationDomain {{/subsystem=elytron/security-domain=ApplicationDomain:write-attribute(name=security-event-listener,value=rotating-audit)}}
# Reload server {{:reload}}
# Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password
# Check _JBOSS_HOME/standalone/log/rotating-audit.log_
> Elytron Audit Logging: rotating-file-audit-log's event timestamp lacks information about seconds
> ------------------------------------------------------------------------------------------------
>
> Key: WFCORE-2755
> URL: https://issues.jboss.org/browse/WFCORE-2755
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Jan Tymel
> Assignee: Yeray Borges
> Priority: Blocker
> Fix For: 3.0.0.Beta18
>
>
> The format of _rotating-file-audit-log's_ timestamp is insufficient. It lacks the information about seconds which might be a problem in an environment with thousands of active users.
> Furthermore the format of timestamp is inconsistent with the _file-audit-log_.
> _file-audit-log:_
> {code}
> 2017-05-03 13:44:07
> {code}
> _rotating-file-audit-log:_
> {code}
> 5/3/17 1:44 PM
> {code}
> Suggestions for improvement:
> Use the same format of timestamp in _rotating-file-audit-log_ as is already used in _file-audit-log_.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
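
The ordering problem described in the report, as an added example that is not part of the original message or of WildFly's code: Python that parses both timestamp layouts quoted above and reports the minutes in which events cannot be put in order. The function names and the sample event text are assumptions constructed for illustration; only the two timestamp shapes come from the report.

```python
from collections import defaultdict
from datetime import datetime

# The two timestamp layouts quoted in the report and the precision each keeps.
LAYOUTS = [
    ("%Y-%m-%d %H:%M:%S", "second"),  # file-audit-log: 2017-05-03 13:44:07
    ("%m/%d/%y %I:%M %p", "minute"),  # rotating-file-audit-log: 5/3/17 1:44 PM
]


def parse_stamp(text):
    """Return (datetime, precision) for either layout; ValueError otherwise."""
    for layout, precision in LAYOUTS:
        try:
            return datetime.strptime(text.strip(), layout), precision
        except ValueError:
            continue
    raise ValueError(f"unrecognised audit timestamp: {text!r}")


def unorderable_minutes(records):
    """Group (timestamp, event) pairs by minute and return the minutes in which
    several events occurred but at least one carries no seconds, so their
    relative order cannot be recovered from the timestamps."""
    by_minute = defaultdict(list)
    coarse = set()
    for stamp, event in records:
        when, precision = parse_stamp(stamp)
        minute = when.replace(second=0).isoformat(timespec="minutes")
        by_minute[minute].append(event)
        if precision == "minute":
            coarse.add(minute)
    return {m: ev for m, ev in by_minute.items() if m in coarse and len(ev) > 1}


# Constructed sample records: the event text is a placeholder, not Elytron's
# real record layout; only the timestamp shapes come from the report.
SAMPLE = [
    ("2017-05-03 13:44:07", "auth-failed user=alice"),
    ("2017-05-03 13:44:31", "auth-ok user=alice"),
    ("5/3/17 1:44 PM", "auth-failed user=bob"),
    ("5/3/17 1:44 PM", "auth-ok user=bob"),
    ("5/3/17 1:45 PM", "auth-ok user=carol"),
]

if __name__ == "__main__":
    for minute, events in unorderable_minutes(SAMPLE).items():
        print(minute, events)
```

Timestamps are treated as naive local time, since neither layout in the report carries a zone.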