Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-16675

audit log blacklist AM-ACCESS-OUTCOME doesn't work

    Details

    • Type: Bug
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 7.0.0, 6.5.3
    • Fix Version/s: None
    • Component/s: audit logging
    • Labels:
      None

      Description

      Bug description

      Outcome of http request is by default written to container's (tomcat) access log. AM writes AM-ACCESS-OUTCOME event to audit log, so basically information is logged twice by default.

      This can be changed by blacklisting "access" in "Configure" -> "Global Services" -> "Audit logging"

      And we should be able to change it also by adding "AM-ACCESS-OUTCOME" to "org.forgerock.openam.audit.identity.activity.events.blacklist" in "Configure" -> "Server Defaults" but this is not working.

      How to reproduce the issue

      1. remove audit log contents "find ~/openam/var/audit -type f -exec cp /dev/null {} \;"
      2. authenticate as demo user
      3. check audit logs "grep AM-ACCESS-OUTCOME ~/openam/var/audit/*" and see there is audit log entry
      4. change configuration add "AM-ACCESS-OUTCOME" to "org.forgerock.openam.audit.identity.activity.events.blacklist" in "Configure" -> "Server Defaults"
      5. repeat steps 1. 2. 3.
      Expected behaviour
      AM-ACCESS-OUTCOME entry should not be there in step 5
      Current behaviour
      AM-ACCESS-OUTCOME entry is in audit log regardless of "org.forgerock.openam.audit.identity.activity.events.blacklist" settings
      

      Work around

      Blacklisting "access" in "Configure" -> "Global Services" -> "Audit logging"

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                lubomir.mlich Ľubomír Mlích
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated: