OpenAM Agents / AMAGENTS-32

Audit logging in WPA 4.0.0 includes requests for not enforced URLs

    Details

      Description

      In 3.3.x a client accessing a not enforced URL does not generate an audit log.

      In 4.0.0, the same request generates an audit event:

      "2016-02-25 11:40:58"	"user (empty) (192.168.56.1) was allowed access to http://www.example.com:80/favicon.ico"	"Not Available"	id=amadmin,ou=user,dc=openam,dc=forgerock,dc=org	"Not Available"	INFO	dc=openam,dc=forgerock,dc=org	"Not Available"	id=WebAgent,ou=agent,dc=openam,dc=forgerock,dc=org	"Not Available"	amAgent_www_example_com_80.log	192.168.56.1
      
      2016-02-25 11:40:31.329 +0000   AUDIT [0x7f5a5a39b7e0:448] user (empty) (192.168.56.1) was allowed access to http://www.example.com:80/favicon.ico
      

      This could generate a lot of unwanted audit events on a site with heavy notenforced traffic, particularly post-upgrade from an existing 3.3.x, where these events may be unexpected.

      Steps to reproduce:

      1) Set up OpenAM with a WPA configured to include a notenforced URL and audit logging turned on.
      2) Access the not enforced URL and check the audit logs.
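
A triage sketch for the behaviour described above, added here and not part of the ticket or the agent's code: it parses the message format shown in the two log lines and separates events for not-enforced URLs from the rest, so the extra audit volume after a 4.0.0 upgrade can be measured or filtered downstream. The `NOT_ENFORCED` list, the shell-style wildcard matching and the third sample line are assumptions.

```python
import re
from collections import Counter
from fnmatch import fnmatchcase

# Message shared by both log lines in the ticket:
#   user <name> (<client ip>) was <decision> access to <url>
# Only "allowed" appears on the page; other decision words are matched generically.
EVENT_RE = re.compile(
    r'user (?P<user>.+?) \((?P<ip>[^()\s]+)\) was (?P<decision>\w+) '
    r'access to (?P<url>[^\s"]+)'
)

def parse_event(line):
    """Return user, ip, decision and url from an audit line, or None."""
    m = EVENT_RE.search(line)
    return m.groupdict() if m else None

def split_events(lines, not_enforced):
    """Count events for not-enforced URLs; return the rest as parsed events."""
    noise, kept = Counter(), []
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            continue
        if any(fnmatchcase(ev["url"], p) for p in not_enforced):
            noise[ev["url"]] += 1
        else:
            kept.append(ev)
    return noise, kept

# Assumed not-enforced list (constructed); shell-style wildcards stand in for
# the agent's own pattern matching.
NOT_ENFORCED = ["http://www.example.com:80/favicon.ico",
                "http://www.example.com:80/images/*"]

SAMPLE = [
    # Agent-local line from the ticket.
    "2016-02-25 11:40:31.329 +0000   AUDIT [0x7f5a5a39b7e0:448] user (empty) "
    "(192.168.56.1) was allowed access to http://www.example.com:80/favicon.ico",
    # Tab-separated line from the ticket, cut after the third field.
    '"2016-02-25 11:40:58"\t"user (empty) (192.168.56.1) was allowed access to '
    'http://www.example.com:80/favicon.ico"\t"Not Available"',
    # Constructed line for an enforced URL, same layout.
    "2016-02-25 11:41:02.101 +0000   AUDIT [0x7f5a5a39b7e0:448] user demo "
    "(192.168.56.1) was allowed access to http://www.example.com:80/app/index.html",
]

if __name__ == "__main__":
    noise, kept = split_events(SAMPLE, NOT_ENFORCED)
    print("not-enforced events:", dict(noise))
    print("remaining events:", kept)
```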

            People

            Assignee:
            mareks Mareks Malnacs
            Reporter:
            ian.packer Ian Packer [X] (Inactive)