  1. JBoss Enterprise Application Platform
  2. JBEAP-9629

Elytron Audit Logging does not support logging into more destinations


    • Bug
    • Resolution: Won't Do
    • Blocker
    • None
    • 7.1.0.DR14
    • Security
    • None

      These steps could be followed in order to get a few records in the Audit Log file:

      1. Follow the steps under "Configure Elytron (default profile)" in the blog post in order to change the default configuration to Elytron
      2. Add a user via add-user.sh (as Application User)
      3. Start the server and deploy the attached war (containing a servlet secured with BASIC HTTP auth)
      4. Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in the username and password
      5. Check JBOSS_HOME/standalone/log/audit.log

      Note: Apparently, the more times step 4 is applied, the more records will be in the log file.


      According to my understanding, it is not possible to send Elytron Audit logs to more than one destination (files or syslogs). This is because the security-event-listener property within security-domain takes only a string attribute and not a list of them.

      Example of use-case that may be affected:
      I want to send logs to a syslog server AND also, as a backup, to a file on NFS. This means that if the syslog server is unreachable, it will still be possible to send logs into a backup file on NFS, and therefore no logs will be completely lost.

              Unassigned
              Jan Tymel (Inactive)