Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-10708

Elytron Audit Logging: rotating-file-audit-log's event timestamp does not contain seconds

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 7.1.0.DR18
    • 7.1.0.DR17
    • Security
    • None
    • Not Required
    • Hide

      These steps could be followed in order to get a few records in Audit Log file:

      1. Follow steps Configure Elytron (default profile) in blog post in order to change default configuration to Elytron
      2. (Optionally) Add user via add-user.sh (as Application User)
      3. Start server and deploy war attached to JBEAP-9019 (containing servlet secured with BASIC HTTP auth)
      4. (Optionally) see the format of file-audit-log resource
        1. Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password
        2. Check JBOSS_HOME/standalone/log/audit.log
      5. Add rotating-file-audit-log /subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log,relative-to=jboss.server.log.dir,suffix=y-M-d)
      6. Use added security-event-listener in ApplicationDomain /subsystem=elytron/security-domain=ApplicationDomain:write-attribute(name=security-event-listener,value=rotating-audit)
      7. Reload server :reload
      8. Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password
      9. Check JBOSS_HOME/standalone/log/rotating-audit.log
      Show
      These steps could be followed in order to get a few records in Audit Log file: Follow steps Configure Elytron (default profile) in blog post in order to change default configuration to Elytron (Optionally) Add user via add-user.sh (as Application User) Start server and deploy war attached to JBEAP-9019 (containing servlet secured with BASIC HTTP auth) (Optionally) see the format of file-audit-log resource Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password Check JBOSS_HOME/standalone/log/audit.log Add rotating-file-audit-log /subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log,relative-to=jboss.server.log.dir,suffix=y-M-d) Use added security-event-listener in ApplicationDomain /subsystem=elytron/security-domain=ApplicationDomain:write-attribute(name=security-event-listener,value=rotating-audit) Reload server :reload Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password Check JBOSS_HOME/standalone/log/rotating-audit.log

      The format of rotating-file-audit-log's timestamp is insufficient. It lacks the information about seconds which might be a problem in an environment with thousands of active users.
      Furthermore the format of timestamp is inconsistent with the file-audit-log.

      file-audit-log:

      2017-05-03 13:44:07
      

      rotating-file-audit-log:

      5/3/17 1:44 PM
      

      Suggestions for improvement:
      Use the same format of timestamp in_rotating-file-audit-log_ as is already used in file-audit-log.

              yborgess1@redhat.com Yeray Borges Santana
              jtymel Jan Tymel (Inactive)
              Jan Tymel Jan Tymel (Inactive)
              Jan Tymel Jan Tymel (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: