Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-4933

Tamper-evident audit logs: Verification command does not give meaningful results

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Cannot Reproduce
    • Affects Version/s: OpenIDM 4.0.0, OpenIDM 4.5.0
    • Fix Version/s: OpenIDM 4.5.0
    • Component/s: Module - Audit
    • Labels:
    • Environment:
      OpenIDM 4.0 RC1 runs on a CentOS with MySQL as repo

      Description

      After made changes to tamper evident audit files, the verification command didn't give any meaningful result

      To reproduce:
      1. started openidm using sample2b(just for running recon easily)
      2. Followed the integrator's guide http://openidm.forgerock.org/doc/bootstrap/integrators-guide/index.html#tamper-evident-operation to configure the signature algorithm and password key.
      3. Enabled the feature on UI through System Preference->Audit->CsvAuditEventHandler
      used space for quoteChar, - for delimitChar and ***** for symbols between lines. enabled tamper evident, used openidm for the handler and 5 minutes as signature interval. submit changes, removed the existing audit files and save changes on UI.
      3. observed the new audit files name changed to tamper-evident-access.csv and etc and the audit files have HMAC and signature values included. run more recons and make changes to the recon audit file.
      4. Run the following command to detect changes in openidm directory.
      java -jar bundle/forgerock-audit-handler-csv-4.1.0.jar --archive audit/ --topic recon --keystore security/keystore.jceks --password changeit

      The output is as follow:
      SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
      SLF4J: Defaulting to no-operation (NOP) logger implementation
      SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.

      and no other meaningful info to show the audit file is changed or not. according to Alin and Andi, the slf4j warnings should be harmless.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jason Jason Lemay
                Reporter:
                Tinghua.Xu Tinghua.Xu
                QA Assignee:
                Tinghua.Xu
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: