WildFly Elytron / ELY-972

Elytron Audit Logging does not log failed authentication


    • Type: Bug
    • Resolution: Done
    • Priority: Blocker
    • 1.1.0.Beta27
    • Steps to reproduce:
      • Follow the steps under "Configure Elytron (default profile)" in the blog post in order to change the default configuration to Elytron
      • Add user via add-user.sh (as Application User)
      • Deploy attached war (containing servlet secured with BASIC HTTP auth)
      • Access http://127.0.0.1:8080/protected/printRoles in a browser
      • Fill in username and incorrect password
      • Check that JBOSS_HOME/standalone/log/audit.log is empty
      • Open browser in private mode
      • Fill username and correct password
      • Check that JBOSS_HOME/standalone/log/audit.log has a few inputs

      Successful authentication is correctly handled by Elytron Audit Logging. However, if the user provides an incorrect password (i.e. authentication fails), there is no such record in the audit log file.

      Logging of failed authentication is one of the requirements for this Elytron Audit Logging feature. Therefore setting blocker priority.

            jkalina@redhat.com Jan Kalina (Inactive)
            jtymel Jan Tymel (Inactive)
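
The reproduction steps above as a scripted check, added here as an example (not part of the original report or of WildFly Elytron): it treats any growth of audit.log during a wrong-password BASIC request as evidence that the failure was recorded. The variable names `APP_USER`, `AUDIT_LOG`, `URL` and `AUDIT_FLUSH_WAIT` and the `run` argument are assumptions of this example, and `curl` stands in for the browser.

```shell
#!/bin/sh
# Added example: does a failed BASIC login leave a record in the audit log?
# Assumed names: APP_USER, AUDIT_LOG, URL, AUDIT_FLUSH_WAIT and the "run" argument.

AUDIT_LOG="${AUDIT_LOG:-${JBOSS_HOME:-.}/standalone/log/audit.log}"
URL="${URL:-http://127.0.0.1:8080/protected/printRoles}"

# Number of lines currently in the audit log (0 if the file does not exist yet).
audit_lines() {
    if [ -f "$1" ]; then wc -l < "$1" | tr -d ' '; else echo 0; fi
}

# Send one BASIC-auth request and print only the HTTP status code.
# usage: basic_login URL USER PASSWORD
basic_login() {
    curl -s -o /dev/null -w '%{http_code}' -u "$2:$3" "$1"
}

# Run the given command (the login attempt) and report whether the log grew.
# Returns 0 if at least one new line was written, 1 otherwise.
# usage: attempt_is_audited LOGFILE command [args...]
attempt_is_audited() {
    log="$1"; shift
    before=$(audit_lines "$log")
    "$@" >/dev/null 2>&1 || true       # the attempt's own exit status is not the point
    sleep "${AUDIT_FLUSH_WAIT:-0}"      # optional wait for the server to flush the file
    after=$(audit_lines "$log")
    [ "$after" -gt "$before" ]
}

# Live check against the server from the steps above: sh check_audit.sh run
if [ "${1:-}" = "run" ]; then
    user="${APP_USER:?set APP_USER to the application user created with add-user.sh}"
    if attempt_is_audited "$AUDIT_LOG" basic_login "$URL" "$user" "wrong-$$"; then
        echo "OK: failed login was written to $AUDIT_LOG"
    else
        echo "FAIL: failed login left no record in $AUDIT_LOG"
        exit 1
    fi
fi
```

Run it against an otherwise idle test instance: the check only counts new lines, so unrelated audit events written during the attempt would also make it pass.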