Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
Log4j-Audit 1.0.0
-
None
-
Patch
Description
Logging an event through LogEventFactory$AuditProxy validates the missing required context attributes:
org.apache.logging.log4j.catalog.api.exception.ConstraintValidationException: Event cashPaymentIn has errors :
ThreadContext does not contain required key userName
at org.apache.logging.log4j.audit.LogEventFactory$AuditProxy.invoke(LogEventFactory.java:294) ~[log4j-audit-api-1.0.0.jar:1.0.0]
Trying the same through the AuditLogger, as the AuditController does, doesn't trigger the same validation and the event gets through with a payload like this, partially adapted from the samples:
{
"eventName": "CashPaymentIn",
"requestContextMap": {
"loginId": "rgoers",
"corpAccountNumber": "12345",
"ipAddress": "127.0.0.1"
},
"properties": {
"salesTransaction": "52913b24-2459-416d-803d-e686e63761d0",
"currency": "EUR",
"amount": "100.00"
}
}
As far as I see in AbstractEventLogger, the validation of present requestContextAttributes starts, but there is no check to see if the required ones are present in the ThreadContext.
Attachments
Issue Links
- blocks
-
LOG4J2-2443 Consistent validation exceptions
-
- Closed
-
- links to
