  1. OpenAM
  2. OPENAM-13499

Incorrect transaction ID used in access events for CREST endpoints

    Details

    • Needs backport:
      Yes
    • Needs QA verification:
      No
    • Functional tests:
      Yes
    • Are the reproduction steps defined?:
      Yes but I used my own steps. (If so, please add them in a new comment)

      Description

      Bug description

      The transaction ID used in access events for CREST endpoints is not the same as the one used for transaction ID propagation.

      How to reproduce the issue

      1. Enable transaction ID propagation in DS
      2. Call any AM CREST endpoint which results in a call to DS
      3. Locate the relevant audit events in the logs for AM and DS

      Expected behaviour

      AM and DS audit events share a common transactionId prefix

      Current behaviour

      AM and DS audit events do not share a common transactionId prefix

      Work around

      N/A

      Code analysis

      AuditEventFactory.accessEvent sets the event's transaction ID from AM's AuditRequestContext (thread local). However, the subsequent call to AccessAuditEventBuilder.forHttpRequest results in this value being overwritten:

      org.forgerock.openam.rest.fluent.CrestAuditor#auditAccessSuccess
      AMAccessAuditEventBuilder builder = auditEventFactory.accessEvent(realm)
              .forHttpRequest(context, request)
              .timestamp(endTime)
              .eventName(EventName.AM_ACCESS_OUTCOME)
              .component(component);
      

      The same issue affects the other methods of CrestAuditor.
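
A check for step 3 of the reproduction, as an added example that is not part of the original issue or of OpenAM: it pairs AM and DS audit events by transactionId prefix and lists the events left without a counterpart, which is how this bug shows up in the logs. The log lines are constructed, and the JSON-lines layout, the `_id` values and the "/" delimiter after the shared prefix are assumptions.

```python
import json

# Constructed sample audit lines (not from a real deployment). Only the
# "transactionId" field is relied on; the "_id" values are illustrative.
AM_ACCESS_LOG = [
    '{"_id": "am-1", "transactionId": "tx-good-1"}',
    '{"_id": "am-2", "transactionId": "tx-crest-9"}',  # ID overwritten on the AM side
]
DS_ACCESS_LOG = [
    '{"_id": "ds-1", "transactionId": "tx-good-1/0"}',
    '{"_id": "ds-2", "transactionId": "tx-propagated-7/0"}',  # ID actually propagated
]


def load_ids(lines):
    """Return the transactionId of every parseable JSON line that has one."""
    ids = []
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines
        if isinstance(event, dict) and event.get("transactionId"):
            ids.append(event["transactionId"])
    return ids


def correlate(am_lines, ds_lines, sep="/"):
    """Link each AM transactionId to the DS IDs that extend it.

    sep is an assumed delimiter after the shared prefix; pass "" for a
    plain prefix match. Returns (linked, orphan_am, orphan_ds).
    """
    am_ids, ds_ids = load_ids(am_lines), load_ids(ds_lines)
    linked = {a: [d for d in ds_ids if d == a or d.startswith(a + sep)]
              for a in am_ids}
    orphan_am = sorted(a for a, ds in linked.items() if not ds)
    matched = {d for ds in linked.values() for d in ds}
    orphan_ds = sorted(set(ds_ids) - matched)
    return linked, orphan_am, orphan_ds


if __name__ == "__main__":
    linked, orphan_am, orphan_ds = correlate(AM_ACCESS_LOG, DS_ACCESS_LOG)
    print("linked:", linked)
    print("AM events with no DS counterpart:", orphan_am)
    print("DS events with no AM counterpart:", orphan_ds)
```

An AM access event and a DS event from the same time window that both end up in the orphan lists match the current behaviour described above.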

            People

            • Assignee:
              craig.mcdonnell Craig McDonnell
            • Reporter:
              craig.mcdonnell Craig McDonnell
            • Votes:
              1
            • Watchers:
              6