Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-14313

Audit Logging - STS transformations create duplicate entries

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 5.5.1, 6.0.0, 6.5.0
    • Fix Version/s: 6.5.3, 7.0.0, 5.5.2
    • Component/s: STS
    • Labels:
    • Sprint:
      AM Sustaining Sprint 66, AM Sustaining Sprint 67, AM Sustaining Sprint 68, AM Sustaining Sprint 69, AM Sustaining Sprint 70, AM Sustaining Sprint 71, AM Sustaining Sprint 72
    • Story Points:
      3
    • Needs backport:
      No
    • Support Ticket IDs:
    • Verified Version/s:
    • Needs QA verification:
      Yes
    • Functional tests:
      No
    • Are the reproduction steps defined?:
      Yes and I used the same an in the description

      Description

      Bug description

      Every token transformation creates 2 almost similar entries which make monitoring for success/failure messages difficult.

      How to reproduce the issue

      1. Configure an STS instance with any token transformation e.g OPENAM-> OPENIDCONNECT
      2. Request a token e.g
        curl -X POST \
        'http://openam.example.com:18080/openam/rest-sts/mytest?_action=translate' \
        -H 'Content-Type: application/json' \
        -H 'cache-control: no-cache' \
        -d '{ 
        "input_token_state": { "token_type": "OPENAM", "session_id": "klOoumKnpLVlGt8UaoZkQnfOoTc.*AAJTSQACMDEAAlNLABw4U2FyY0dBL3VHSVlwOUs4WUdwck50dXVFQU09AAR0eXBlAANDVFMAAlMxAAA.*"},
        "output_token_state": { "token_type": "OPENIDCONNECT", "nonce": "12345678", "allow_access": true } 
        }'
      3. Monitor the access.audit.json log, observe there are 2 entries with same transaction id and different _id:
        {"transactionId":"cb804633-3a7f-4afb-ad40-88ff44ae3953-14715","client":{"ip":"192.168.56.1","port":59794},"server":{"ip":"192.168.56.10","port":18080},"http":{"request":{"secure":false,"method":"POST","path":"http://openam.example.com:18080/openam/rest-sts/mytest","queryParameters":{"_action":["translate"]},"headers":{"accept":["*/*"],"host":["openam.example.com:18080"],"user-agent":["PostmanRuntime/7.6.0"]},"cookies":{"amlbcookie":"01"}}},"request":{"protocol":"CREST","operation":"ACTION","detail":{"action":"translate"}},"timestamp":"2019-01-24T11:30:32.525Z","eventName":"AM-ACCESS-OUTCOME","component":"STS","response":{"status":"SUCCESSFUL","statusCode":"","elapsedTime":39,"elapsedTimeUnits":"MILLISECONDS"},"_id":"cb804633-3a7f-4afb-ad40-88ff44ae3953-14727"}
        
        
        {"transactionId":"cb804633-3a7f-4afb-ad40-88ff44ae3953-14715","client":{"ip":"192.168.56.1","port":59794},"server":{"ip":"192.168.56.10","port":18080},"http":{"request":{"secure":false,"method":"POST","path":"http://openam.example.com:18080/openam/rest-sts/mytest","queryParameters":{"_action":["translate"]},"headers":{"accept":["*/*"],"host":["openam.example.com:18080"],"user-agent":["PostmanRuntime/7.6.0"]},"cookies":{"amlbcookie":"01"}}},"request":{"protocol":"CREST","operation":"ACTION","detail":{"action":"translate"}},"timestamp":"2019-01-24T11:30:32.526Z","eventName":"AM-ACCESS-OUTCOME","component":"STS","response":{"status":"SUCCESSFUL","statusCode":"","elapsedTime":40,"elapsedTimeUnits":"MILLISECONDS"},"_id":"cb804633-3a7f-4afb-ad40-88ff44ae3953-14729"}
      Expected behaviour
      one unique entry should be created
      
      Current behaviour
      2 entries are created
      

       

        Attachments

          Activity

            People

            • Assignee:
              sachiko Sachiko Wallace
              Reporter:
              anastasios.kampas Tasos Kampas
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: