Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-16389

AM audit logging for CORS requests do not contain CORS result

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 7.0.0
    • Fix Version/s: 7.0.0
    • Component/s: None
    • Target Version/s:
    • Rank:
      1|i01ap3:
    • Functional tests:
      Yes
    • Are the reproduction steps defined?:
      Yes but I used my own steps. (If so, please add them in a new comment)

      Description

      The logging from a CORS OPTIONS request generally claims the response code to be 405 Method Not Allowed, but this is converted in the CORS Filter to a different response code. Presumably the CORS Filter is mis-ordered so that it happens before the Audit Filter.

        response: {
         detail: {
          reason: "Method Not Allowed"     
         }
         elapsedTime: 9    
         elapsedTimeUnits: "MILLISECONDS"    
         status: "FAILED"    
         statusCode: "405"    
        }
      

      should in fact be something like:

        response: {
         detail: {
          reason: "OK"     
         }
         elapsedTime: 9    
         elapsedTimeUnits: "MILLISECONDS"    
         status: "SUCCESS"    
         statusCode: "200"    
        }
      

        Attachments

          Activity

            People

            • Assignee:
              emma.rumsey Emma Rumsey
              Reporter:
              jamesphillpotts James Phillpotts
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: