Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1266

Simple String in Elytron rotating-file-audit-log.suffix attribute causes wrong audit file name

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 1.1.0.Beta53
    • 1.1.0.Beta52
    • Audit
    • None
    • Hide

      1) Add some user to application server:

      ./add-user.sh -u admin -p pass@123

      2) Use Elytron authentication to http management interface:

      <http-interface http-authentication-factory="management-http-authentication">
    <http-upgrade enabled="true" sasl-authentication-factory="management-sasl-authentication"/>
    <socket-binding http="management-http"/>
</http-interface>

      3) Add rotating-file-audit-log and enable it for ManagementDomain 

      /subsystem=elytron/rotating-file-audit-log=rotating:add(path=audit.log,format=SIMPLE,max-backup-index=5,rotate-on-boot=false,rotate-size=5,suffix="'someText'",synchronized=true,relative-to=jboss.server.log.dir)
/subsystem=elytron/security-domain=ManagementDomain:write-attribute(name=security-event-listener,value=rotating)
reload

      4) Try access management console more times (you can use correct or incorrect user and password) and you will see file with name like "audit.lognull.1" in EAP_HOME/standalone/log, correct name should be "audit.logsomeText.1"

      Show
      1) Add some user to application server: ./add-user.sh -u admin -p pass@123 2) Use Elytron authentication to http management interface: <http- interface http-authentication-factory= "management-http-authentication" > <http-upgrade enabled= " true " sasl-authentication-factory= "management-sasl-authentication" /> <socket-binding http= "management-http" /> </http- interface > 3) Add rotating-file-audit-log and enable it for ManagementDomain /subsystem=elytron/rotating-file-audit-log=rotating:add(path=audit.log,format=SIMPLE,max-backup-index=5,rotate-on-boot= false ,rotate-size=5,suffix= " 'someText' " , synchronized = true ,relative-to=jboss.server.log.dir) /subsystem=elytron/security-domain=ManagementDomain:write-attribute(name=security-event-listener,value=rotating) reload 4) Try access management console more times (you can use correct or incorrect user and password) and you will see file with name like "audit.lognull.1" in EAP_HOME/standalone/log, correct name should be "audit.logsomeText.1"

      suffix attribute of Elytron rotating-file-audit-log uses java.text.SimpleDateFormat format [1]. It means that 'someText' can be used as value of suffix attribute. However in case when only this string (without any pattern letters) is used in suffix, then resulting audit file name includes suffix "null" instead of defined suffix "someText". In case when suffix includes also pattern letters (e.g. d'someText') then it works correctly.

      [1] https://docs.oracle.com/javase/8/docs/api/java/text/SimpleDateFormat.html

              Unassigned Unassigned
              olukas Ondrej Lukas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: