Qpid
  1. Qpid
  2. QPID-4186

JMX management ACL allow/deny logging not useful because it does not include principal name

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 0.16
    • Fix Version/s: 0.19
    • Component/s: Java Broker
    • Labels:
      None

      Description

      When a security plugin (e.g. the ACL plugin) allows or denies an operation, an operational log message is produced. Unfortunately the message does not include the user name (the log actor "Broker" is printed instead) so is of limited use.

        Issue Links

          Activity

          Hide
          Robbie Gemmell added a comment -

          Patch applied with one tiny change:

          @@ -157,9 +157,9 @@ public class MBeanInvocationHandlerImpl implements InvocationHandler, Notificati
           
                       // Save the subject
                       SecurityManager.setThreadSubject(subject);
          +            CurrentActor.set(_logActor);
                       try
                       {
          -                CurrentActor.set(_logActor);
                           return authoriseAndInvoke(method, args);
                       }
                       finally
          
          Show
          Robbie Gemmell added a comment - Patch applied with one tiny change: @@ -157,9 +157,9 @@ public class MBeanInvocationHandlerImpl implements InvocationHandler, Notificati // Save the subject SecurityManager.setThreadSubject(subject); + CurrentActor.set(_logActor); try { - CurrentActor.set(_logActor); return authoriseAndInvoke(method, args); } finally
          Hide
          Philip Harvey added a comment -

          I have reviewed this change and am happy with it.

          Show
          Philip Harvey added a comment - I have reviewed this change and am happy with it.
          Hide
          Alex Rudyy added a comment -

          please commit.

          Show
          Alex Rudyy added a comment - please commit.
          Hide
          Alex Rudyy added a comment -

          attached patch

          Show
          Alex Rudyy added a comment - attached patch

            People

            • Assignee:
              Robbie Gemmell
              Reporter:
              Alex Rudyy
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development