Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-13515

Incorrect transaction id used in access events for JATO UI user group admin


    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 14.1.1
    • Fix Version/s: None
    • Component/s: audit logging, console
    • Labels:


      Bug description

      When performing Admin UI operations on users and groups, the transaction id logged in access.audit.json is not the same as that logged for the corresponding DJ audit log record.

      How to reproduce the issue

      1. Install a DJ 5.5.0 instance and prepare it for use as an AM user store.
      2. Using dsconfig, and option 23, File based logging, enable the audit file publisher.
      3. Install AM 5.1.1, embedded datastore and user store.
      4. Create a new realm, e.g. subcribers, delete the embedded datastore from this realm and create a new datastore, pointing to the DJ 5.5.0 instance.
      5. Using REST commands, perform a user create and modify operation.  Review the access.audit.json files and DJ audit.  Verify that the transaction id for the relevant events in both files matches.
      6. Create a user and then modify it using the Admin UI.  Review the audit files created in both products again.  
      Expected behaviour
      The logged transaction ids should match across the relevant events logged in AM and DJ.
      Current behaviour
      The transaction id of the access.audit.json file EntityEdit GET event matches the logged event in DJ for the modify.  Otherwise transaction ids for logged events do not match.  See attached file for further examples and detail. 

      Work around

      Use REST based commands for all admin operations on users and group.





            • Assignee:
              lawrence.yarham Lawrence Yarham
            • Votes:
              0 Vote for this issue
              2 Start watching this issue


              • Created: