Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Duplicate
-
None
-
None
-
None
Description
Spinoff from SOLR-13741
When a REJECTED event is generated from SolrDispatchFilter on failed authentication, we only have the HttpServletRequest as input, no SolrParams, Principal etc. In this case we parse "resource" from contextPath, while we should use getPathInfo(). Also, we fail to detect admin requests as such and get UNKNOWN instead. Lastly, the solrParams part of AuditEvent is not filled at all from in this case, while we could have filled it with the parameters in the request.
Attachments
Issue Links
- duplicates
-
SOLR-13835 HttpSolrCall produces incorrect extra AuditEvent on AuthorizationResponse.PROMPT
- Resolved
- is blocked by
-
SOLR-13835 HttpSolrCall produces incorrect extra AuditEvent on AuthorizationResponse.PROMPT
- Resolved
- requires
-
SOLR-13741 AuditLoggerIntegrationTest hardening
- Closed