You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Alex Rudyy (JIRA)" <ji...@apache.org> on 2012/08/03 11:08:02 UTC
[jira] [Created] (QPID-4186) ACL allow/deny logging not useful
because it does not include principal name
Alex Rudyy created QPID-4186:
--------------------------------
Summary: ACL allow/deny logging not useful because it does not include principal name
Key: QPID-4186
URL: https://issues.apache.org/jira/browse/QPID-4186
Project: Qpid
Issue Type: Bug
Components: Java Broker
Affects Versions: 0.16
Reporter: Alex Rudyy
Assignee: Alex Rudyy
Fix For: 0.19
When a security plugin (e.g. the ACL plugin) allows or denies an operation, an operational log message is produced. Unfortunately the message does not include the user name (the log actor "Broker" is printed instead) so is of limited use.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Updated] (QPID-4186) ACL allow/deny logging not useful
because it does not include principal name
Posted by "Alex Rudyy (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-4186?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Rudyy updated QPID-4186:
-----------------------------
Attachment: 0001-QPID-4186-MBeanInvocationHandler-now-sets-log-actor-.patch
attached patch
> ACL allow/deny logging not useful because it does not include principal name
> ----------------------------------------------------------------------------
>
> Key: QPID-4186
> URL: https://issues.apache.org/jira/browse/QPID-4186
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.16
> Reporter: Alex Rudyy
> Assignee: Alex Rudyy
> Fix For: 0.19
>
> Attachments: 0001-QPID-4186-MBeanInvocationHandler-now-sets-log-actor-.patch
>
>
> When a security plugin (e.g. the ACL plugin) allows or denies an operation, an operational log message is produced. Unfortunately the message does not include the user name (the log actor "Broker" is printed instead) so is of limited use.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Updated] (QPID-4186) JMX management ACL allow/deny logging
not useful because it does not include principal name
Posted by "Robbie Gemmell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-4186?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robbie Gemmell updated QPID-4186:
---------------------------------
Summary: JMX management ACL allow/deny logging not useful because it does not include principal name (was: ACL allow/deny logging not useful because it does not include principal name)
> JMX management ACL allow/deny logging not useful because it does not include principal name
> -------------------------------------------------------------------------------------------
>
> Key: QPID-4186
> URL: https://issues.apache.org/jira/browse/QPID-4186
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.16
> Reporter: Alex Rudyy
> Assignee: Robbie Gemmell
> Fix For: 0.19
>
> Attachments: 0001-QPID-4186-MBeanInvocationHandler-now-sets-log-actor-.patch
>
>
> When a security plugin (e.g. the ACL plugin) allows or denies an operation, an operational log message is produced. Unfortunately the message does not include the user name (the log actor "Broker" is printed instead) so is of limited use.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Assigned] (QPID-4186) ACL allow/deny logging not useful
because it does not include principal name
Posted by "Alex Rudyy (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-4186?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Rudyy reassigned QPID-4186:
--------------------------------
Assignee: Robbie Gemmell (was: Alex Rudyy)
please commit.
> ACL allow/deny logging not useful because it does not include principal name
> ----------------------------------------------------------------------------
>
> Key: QPID-4186
> URL: https://issues.apache.org/jira/browse/QPID-4186
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.16
> Reporter: Alex Rudyy
> Assignee: Robbie Gemmell
> Fix For: 0.19
>
> Attachments: 0001-QPID-4186-MBeanInvocationHandler-now-sets-log-actor-.patch
>
>
> When a security plugin (e.g. the ACL plugin) allows or denies an operation, an operational log message is produced. Unfortunately the message does not include the user name (the log actor "Broker" is printed instead) so is of limited use.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Commented] (QPID-4186) ACL allow/deny logging not useful
because it does not include principal name
Posted by "Philip Harvey (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-4186?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13427925#comment-13427925 ]
Philip Harvey commented on QPID-4186:
-------------------------------------
I have reviewed this change and am happy with it.
> ACL allow/deny logging not useful because it does not include principal name
> ----------------------------------------------------------------------------
>
> Key: QPID-4186
> URL: https://issues.apache.org/jira/browse/QPID-4186
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.16
> Reporter: Alex Rudyy
> Assignee: Robbie Gemmell
> Fix For: 0.19
>
> Attachments: 0001-QPID-4186-MBeanInvocationHandler-now-sets-log-actor-.patch
>
>
> When a security plugin (e.g. the ACL plugin) allows or denies an operation, an operational log message is produced. Unfortunately the message does not include the user name (the log actor "Broker" is printed instead) so is of limited use.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Updated] (QPID-4186) ACL allow/deny logging not useful
because it does not include principal name
Posted by "Alex Rudyy (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-4186?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Rudyy updated QPID-4186:
-----------------------------
Status: Ready To Review (was: In Progress)
> ACL allow/deny logging not useful because it does not include principal name
> ----------------------------------------------------------------------------
>
> Key: QPID-4186
> URL: https://issues.apache.org/jira/browse/QPID-4186
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.16
> Reporter: Alex Rudyy
> Assignee: Alex Rudyy
> Fix For: 0.19
>
> Attachments: 0001-QPID-4186-MBeanInvocationHandler-now-sets-log-actor-.patch
>
>
> When a security plugin (e.g. the ACL plugin) allows or denies an operation, an operational log message is produced. Unfortunately the message does not include the user name (the log actor "Broker" is printed instead) so is of limited use.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Resolved] (QPID-4186) JMX management ACL allow/deny logging
not useful because it does not include principal name
Posted by "Robbie Gemmell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-4186?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robbie Gemmell resolved QPID-4186.
----------------------------------
Resolution: Fixed
Patch applied with one tiny change:
{noformat}
@@ -157,9 +157,9 @@ public class MBeanInvocationHandlerImpl implements InvocationHandler, Notificati
// Save the subject
SecurityManager.setThreadSubject(subject);
+ CurrentActor.set(_logActor);
try
{
- CurrentActor.set(_logActor);
return authoriseAndInvoke(method, args);
}
finally
{noformat}
> JMX management ACL allow/deny logging not useful because it does not include principal name
> -------------------------------------------------------------------------------------------
>
> Key: QPID-4186
> URL: https://issues.apache.org/jira/browse/QPID-4186
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.16
> Reporter: Alex Rudyy
> Assignee: Robbie Gemmell
> Fix For: 0.19
>
> Attachments: 0001-QPID-4186-MBeanInvocationHandler-now-sets-log-actor-.patch
>
>
> When a security plugin (e.g. the ACL plugin) allows or denies an operation, an operational log message is produced. Unfortunately the message does not include the user name (the log actor "Broker" is printed instead) so is of limited use.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org