Details
-
Bug
-
Resolution: Done
-
Blocker
-
7.1.0.DR19
-
None
Description
[1:39 PM] Emmanuel Hugonnet: @BrianStansberry hi, could you take a look at https://github.com/wildfly/wildfly-core/pull/2514
[1:40 PM] Emmanuel Hugonnet: I've a bit of a doubt because i couldn't create a dependency on the credentialstore since auditlog handlers are not services
[1:41 PM] Brian Stansberry: ok. it does seem a bit nasty because of that
[1:41 PM] Brian Stansberry: at a glance
[1:41 PM] Emmanuel Hugonnet: yes
[1:41 PM] Brian Stansberry: a very quick glance
[1:42 PM] Brian Stansberry: ah , but SyslogAuditLogHandler is not an OSH so I won't comment until I really understand 
[1:43 PM] Emmanuel Hugonnet: yes 
[2:04 PM] Brian Stansberry: I don't think that will be reliable; there's no guarantee that store will be started
[2:07 PM] Kabir Khan: I don't think the syslog handler tries to write until boot is done
[2:07 PM] Kabir Khan: could it be possible to lazy init those suppliers?
[2:11 PM] Emmanuel Hugonnet: I guess we would only need the attribute value and a serviceregistry
[2:12 PM] Emmanuel Hugonnet: I'm wondering if this is not lazy per default
[2:12 PM] Emmanuel Hugonnet: as the service is only called when the credential is required as far as I can see
[2:13 PM] Brian Stansberry: yes, it is lazy
[2:43 PM] Kabir Khan: @ehsavoie I think the problem @BrianStansberry mentions is whether the services have stabilised so the CR is ready by the time the syslog write happens
[2:44 PM] Emmanuel Hugonnet: @KabirKhan yes but I don't have any service in the audit log tree to be able to require for the CR to be ready
[2:45 PM] Kabir Khan: @ehsavoie I can try to discuss it on the pm call, perhaps we can do without it for the beta
[2:47 PM] Emmanuel Hugonnet: or I could add a service to get this one on
[2:48 PM] Emmanuel Hugonnet: a bit like what is done for security realms
[2:53 PM] Kabir Khan: That could be good for the future, but I think for Beta it should be ok as it is
[2:57 PM] Brian Stansberry: @KabirKhan @ehsavoie +1
[2:57 PM] Brian Stansberry: I think it is fine at boot as no logging will happen until MSC has stabilized
[2:57 PM] Brian Stansberry: and probably post boot too
[2:57 PM] Emmanuel Hugonnet: well the boot test is ok
[2:58 PM] Kabir Khan: but we should have a blocker jira to investigate whether our assumptions are correct
[2:58 PM] Emmanuel Hugonnet: ok
[2:58 PM] Brian Stansberry: the scenario is a management op adds the credential store and the syslog handler, and then the syslog handler wants to log before the store service is up
[2:58 PM] Brian Stansberry: but, for audit logging we don't log until op commit/rollback
[2:58 PM] Brian Stansberry: and by then MSC is going to be stablized
[3:06 PM] Kabir Khan: that should be: 'we think we don't log', so that needs checking
Attachments
Issue Links
- clones
-
-
- Verified
-
- is cloned by
-
-
- Resolved
-
- is incorporated by
-
JBEAP-11466 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta28
-
- Verified
-
-
-
- Verified
-
- is related to
-
-
- Resolved
-
