Details
-
Bug
-
Resolution: Done
-
Critical
-
None
-
None
-
Release Notes
Description
Add trace logging to the security constraint processing in wildfly/undertow.
Tomcat/JBossWeb logs the following:
11:32:09,709 DEBUG [org.apache.catalina.authenticator] (http-/127.0.0.1:8080-1) Security checking request GET /SimpleWar/Hello
11:32:09,709 DEBUG [org.apache.catalina.realm] (http-/127.0.0.1:8080-1) Checking constraint 'SecurityConstraint[Secure Content]' against GET /Hello --> true
11:32:09,709 DEBUG [org.apache.catalina.realm] (http-/127.0.0.1:8080-1) Checking constraint 'SecurityConstraint[Secure Content]' against GET /Hello --> true
11:32:09,709 DEBUG [org.apache.catalina.authenticator] (http-/127.0.0.1:8080-1) Calling hasUserDataPermission()
11:32:09,709 DEBUG [org.apache.catalina.realm] (http-/127.0.0.1:8080-1) User data constraint has no restrictions
11:32:09,710 DEBUG [org.apache.catalina.authenticator] (http-/127.0.0.1:8080-1) Calling authenticate()
...
...
11:32:09,727 DEBUG [org.apache.catalina.authenticator] (http-/127.0.0.1:8080-1) Authenticated 'admin' with type 'BASIC'
11:32:09,727 DEBUG [org.apache.catalina.authenticator] (http-/127.0.0.1:8080-1) Calling accessControl()
11:32:09,727 DEBUG [org.apache.catalina.realm] (http-/127.0.0.1:8080-1) Checking roles GenericPrincipal[admin(JBossAdmin,manager,)]
11:32:09,727 DEBUG [org.apache.catalina.realm] (http-/127.0.0.1:8080-1) JBWEB000017: User [admin] has role [JBossAdmin]
11:32:09,727 DEBUG [org.apache.catalina.realm] (http-/127.0.0.1:8080-1) Role found: JBossAdmin
11:32:09,727 DEBUG [org.apache.catalina.authenticator] (http-/127.0.0.1:8080-1) Successfully passed all security constraints
This helps us (support) determine if the user is authenticated, what role is required for a specific resource.
This is going to be very difficult to support if we do not have this type of information.
Attachments
Issue Links
- clones
-
-
- Closed
-