Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1266

Simple String in Elytron rotating-file-audit-log.suffix attribute causes wrong audit file name

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: 1.1.0.Beta52
    • Fix Version/s: 1.1.0.Beta53
    • Component/s: Audit
    • Labels:
      None
    • Steps to Reproduce:
      Hide

      1) Add some user to application server:

      ./add-user.sh -u admin -p pass@123
      

      2) Use Elytron authentication to http management interface:

      <http-interface http-authentication-factory="management-http-authentication">
          <http-upgrade enabled="true" sasl-authentication-factory="management-sasl-authentication"/>
          <socket-binding http="management-http"/>
      </http-interface>
      

      3) Add rotating-file-audit-log and enable it for ManagementDomain

      /subsystem=elytron/rotating-file-audit-log=rotating:add(path=audit.log,format=SIMPLE,max-backup-index=5,rotate-on-boot=false,rotate-size=5,suffix="'someText'",synchronized=true,relative-to=jboss.server.log.dir)
      /subsystem=elytron/security-domain=ManagementDomain:write-attribute(name=security-event-listener,value=rotating)
      reload
      

      4) Try access management console more times (you can use correct or incorrect user and password) and you will see file with name like "audit.lognull.1" in EAP_HOME/standalone/log, correct name should be "audit.logsomeText.1"

      Show
      1) Add some user to application server: ./add-user.sh -u admin -p pass@123 2) Use Elytron authentication to http management interface: <http- interface http-authentication-factory= "management-http-authentication" > <http-upgrade enabled= " true " sasl-authentication-factory= "management-sasl-authentication" /> <socket-binding http= "management-http" /> </http- interface > 3) Add rotating-file-audit-log and enable it for ManagementDomain /subsystem=elytron/rotating-file-audit-log=rotating:add(path=audit.log,format=SIMPLE,max-backup-index=5,rotate-on-boot= false ,rotate-size=5,suffix= " 'someText' " , synchronized = true ,relative-to=jboss.server.log.dir) /subsystem=elytron/security-domain=ManagementDomain:write-attribute(name=security-event-listener,value=rotating) reload 4) Try access management console more times (you can use correct or incorrect user and password) and you will see file with name like "audit.lognull.1" in EAP_HOME/standalone/log, correct name should be "audit.logsomeText.1"

      Description

      suffix attribute of Elytron rotating-file-audit-log uses java.text.SimpleDateFormat format [1]. It means that 'someText' can be used as value of suffix attribute. However in case when only this string (without any pattern letters) is used in suffix, then resulting audit file name includes suffix "null" instead of defined suffix "someText". In case when suffix includes also pattern letters (e.g. d'someText') then it works correctly.

      [1] https://docs.oracle.com/javase/8/docs/api/java/text/SimpleDateFormat.html

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  Unassigned
                  Reporter:
                  olukas Ondrej Lukas
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: