Bug 1121060 - [ACL][LOG] publish action does not log on allow-log rule
Summary: [ACL][LOG] publish action does not log on allow-log rule
Keywords:
Status: NEW
Alias: None
Product: Red Hat Enterprise MRG
Classification: Red Hat
Component: qpid-cpp
Version: Development
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: 3.3
: ---
Assignee: Chuck Rolke
QA Contact: Messaging QE
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-07-18 09:42 UTC by Zdenek Kraus
Modified: 2015-01-20 15:14 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description Zdenek Kraus 2014-07-18 09:42:50 UTC
Description of problem:
acl rule with allow-log resolution does not log the publish action from spout.

Version-Release number of selected component (if applicable):
qpid-cpp-server-0.22-43

How reproducible:
100%

Steps to Reproduce:
1. 
cat >/etc/qpid/qpidd.conf
auth=yes
log-enable=debug+:acl
log-to-file=/var/lib/qpidd/qpidd.log
acl-file=allow-log.acl

2. 
cat >/etc/qpid/allow-log.acl
acl allow-log all all

3.
service qpidd restart

4.
 ./spout "amq.topic"

5.
tail /var/lib/qpidd/qpidd.log



Actual results:
[4]
Message(properties={'spout-id': '79d4730d-32cb-4b3c-80a7-9985745d5030:0'}, content_type='text/plain')

[5]
2014-07-18 11:40:18 [Security] debug ACL: Load Rules
2014-07-18 11:40:18 [Security] debug ACL: Processing  1 allow-log [*] *
2014-07-18 11:40:18 [Security] debug ACL: FoundMode allow-log
2014-07-18 11:40:18 [Security] info ACL Plugin loaded
2014-07-18 11:40:47 [Security] debug ACL: Lookup for id:anonymous@QPID action:access objectType:exchange name:amq.topic with params { }
2014-07-18 11:40:47 [Security] debug ACL: No successful match, defaulting to the decision mode allow-log
2014-07-18 11:40:47 [Security] info ACL Allow id:anonymous@QPID action:access ObjectType:exchange Name:amq.topic
2014-07-18 11:40:47 [Security] debug ACL: Lookup for id:anonymous@QPID action:access objectType:queue name:amq.topic with params { }
2014-07-18 11:40:47 [Security] debug ACL: No successful match, defaulting to the decision mode allow-log
2014-07-18 11:40:47 [Security] info ACL Allow id:anonymous@QPID action:access ObjectType:queue Name:amq.topic


Expected results:
[5]
... lookup, and info allow for _publish_ action


Additional info:
on deny rule publish is logged


Note You need to log in before you can comment on or make changes to this bug.