[OPENAM-14292] AM-LOGIN-COMPLETED does not log name of chain used for login
Created: 22/Jan/19 Updated: 15/Jul/20 Resolved: 08/Jul/20
|Component/s:||audit logging, authentication|
|Fix Version/s:||7.0.0, 6.5.3|
|Reporter:||Craig McDonnell||Assignee:||Gabor Melkvi|
|Labels:||AME, Must-Fix, Selected|
|Remaining Estimate:||Not Specified|
|Time Spent:||Not Specified|
|Original Estimate:||Not Specified|
The audit event "AM-LOGIN-COMPLETED" is logged to the authentication topic when an authentication chain completes. Unfortunately, it does not log the name of the chain used for login. Assuming that a chain was explicitly specified via a query parameter, this information is available in the http.request.queryParameters field of the associated access event (linked by having the same transactionId value).
Note that the audit event "AM-TREE-LOGIN-COMPLETED" does not suffer from this issue. The name of the tree used for login is recorded as part of that event.
The method getAuditEntryDetail logs the index type (e.g. "service") but does not log the index value (e.g. "ldapService"). Note that the code for logging index type actually only works when the index type was explicitly specified. When the index type is not specified (e.g. using default login service) then the index type is not reported.
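The correlation described in the issue (joining AM-LOGIN-COMPLETED to its access event on transactionId to recover the chain name) can be sketched as follows. This is an added example, not code from the ticket or from AM. It assumes JSON-lines audit files, that the chain is requested through the authIndexType/authIndexValue or service query parameters, and it uses constructed sample events.

```python
import json

# Constructed sample audit lines (one JSON object per line), not real AM output.
ACCESS_LOG = """\
{"eventName": "AM-ACCESS-ATTEMPT", "transactionId": "tx-001", "http": {"request": {"queryParameters": {"authIndexType": ["service"], "authIndexValue": ["ldapService"]}}}}
{"eventName": "AM-ACCESS-ATTEMPT", "transactionId": "tx-002", "http": {"request": {"queryParameters": {}}}}
"""
AUTHN_LOG = """\
{"eventName": "AM-LOGIN-COMPLETED", "transactionId": "tx-001", "principal": ["demo"]}
{"eventName": "AM-LOGIN-COMPLETED", "transactionId": "tx-002", "principal": ["amadmin"]}
{"eventName": "AM-LOGIN-COMPLETED", "transactionId": "tx-003", "principal": ["bob"]}
"""

def parse(text):
    """Yield one event dict per non-empty JSON line."""
    for line in text.splitlines():
        if line.strip():
            yield json.loads(line)

def first(params, key):
    """Query parameter values may be a list or a bare string."""
    value = params.get(key)
    if isinstance(value, list):
        return value[0] if value else None
    return value

def chain_from_query(params):
    """Chain name if the request named one explicitly, else None."""
    # Assumption: parameter names authIndexType/authIndexValue and service.
    if first(params, "authIndexType") == "service":
        return first(params, "authIndexValue")
    return first(params, "service")

def annotate_logins(authn_text, access_text):
    """Return [(transactionId, chain or None)] for each AM-LOGIN-COMPLETED."""
    chains = {}
    for ev in parse(access_text):
        req = ev.get("http", {}).get("request", {})
        chain = chain_from_query(req.get("queryParameters") or {})
        if chain:
            chains.setdefault(ev.get("transactionId"), chain)
    result = []
    for ev in parse(authn_text):
        if ev.get("eventName") == "AM-LOGIN-COMPLETED":
            tx = ev.get("transactionId")
            # None: default chain was used or no access event was found.
            result.append((tx, chains.get(tx)))
    return result

if __name__ == "__main__":
    for tx, chain in annotate_logins(AUTHN_LOG, ACCESS_LOG):
        print(tx, chain or "<not recoverable from access log>")
```

Logins that come back without a chain name are the cases the issue calls out: the default login service was used, so nothing in either event identifies the chain.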