Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-8968

Elytron Audit Logging does not log failed authentication

    XMLWordPrintable

Details

    • Hide
      • Follow steps Configure Elytron (default profile) in blog post in order to change default configuration to Elytron
      • Add user via add-user.sh (as Application User)
      • Deploy attached war (containing servlet secured with BASIC HTTP auth)
      • Access http://127.0.0.1:8080/protected/printRoles in a browser
      • Fill in username and incorrect password
      • Check that JBOSS_HOME/standalone/log/audit.log is empty
      • Open browser in private mode
      • Fill username and correct password
      • Check that JBOSS_HOME/standalone/log/audit.log has a few inputs
      Show
      Follow steps Configure Elytron (default profile) in blog post in order to change default configuration to Elytron Add user via add-user.sh (as Application User) Deploy attached war (containing servlet secured with BASIC HTTP auth) Access http://127.0.0.1:8080/protected/printRoles in a browser Fill in username and incorrect password Check that JBOSS_HOME/standalone/log/audit.log is empty Open browser in private mode Fill username and correct password Check that JBOSS_HOME/standalone/log/audit.log has a few inputs

    Description

      Successful authentication is correctly handled by Elytron Audit Logging. However, if user provides incorrect password (~ authentication fails) there is no such record in audit log file.

      Logging of failed authentication is one of the requirements for this Elytron Audit Logging feature. Therefore setting blocker priority.

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. ELY-972 Elytron Audit Logging does not log failed authentication

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Resolved

          Activity

            People

              jkalina@redhat.com Jan Kalina (Inactive)
              jtymel Jan Tymel (Inactive)
              Jan Tymel Jan Tymel (Inactive)
              Jan Tymel Jan Tymel (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: