Bug 912233 - No audit feature for security-realm
Summary: No audit feature for security-realm
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Security
Version: 6.0.1
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Darran Lofthouse
QA Contact: Josef Cacek
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-02-18 07:54 UTC by Hisanobu Okuda
Modified: 2019-02-15 13:32 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-02-20 16:33:06 UTC
Type: Feature Request
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker AS7-6628 0 Major Closed No audit feature for security-realm 2019-05-08 03:47:58 UTC
Red Hat Issue Tracker PRODMGT-1483 0 Major Open audit of login (and potentially logout) of the management interfaces 2019-05-08 03:47:58 UTC

Description Hisanobu Okuda 2013-02-18 07:54:13 UTC 
Description of problem:
There is no auditing feature for security-realm. Need the feature like audit provider for security-domain.

Version-Release number of selected component (if applicable):
EAP 6.0.x

How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Heiko Braun 2013-02-18 08:56:22 UTC 
Please create feature request in the community Jira
Comment 3 Hisanobu Okuda 2013-02-26 01:08:39 UTC 
The RFE was filed in the community JIRA.
https://issues.jboss.org/browse/AS7-6628
Comment 4 Darran Lofthouse 2013-03-07 10:11:13 UTC 
Taking ownership of this one, it is not actually the realm that requires audit capabilities but the entry point to the server.

The reason being that as we switch to a more IDM based approach access to the backing store no longer reveals information on the successful outcome of an authentication attempt - that decision now happens at the entry point e.g. the HTTP authentication mechanism or the SASL mechanism, both of which need to be sending out some form of notification that can be logged.

Undertow already has quite a bit of this in place to cover HTTP, the SASL mechanisms require some further work so that they can emit similar notifications.
Comment 5 JBoss JIRA Server 2013-03-07 15:15:51 UTC 
Brian Stansberry <brian.stansberry> made a comment on jira AS7-6628

This should be part of the general audit logging functionality. See AS7-444. Darran, before doing anything on this, chat with Kabir and I.
Comment 26 Petr Penicka 2016-02-08 14:28:12 UTC 
Triage: @Brad verify and infor if we can close.
Comment 27 Brad Maxwell 2017-02-20 16:33:06 UTC 
Closing as this is an RFE: PRODMGT-1483
Note You need to log in before you can comment on or make changes to this bug.