Service Packs and Hot Fixes
  1. Service Packs and Hot Fixes
  2. MNT-6788

Audit doesn't take into account CIFS authentication

    Details

    • Hot Fix Version:
      Historic
    • ACT Numbers:

      15024-16333 DIAMOND

      Description

      [ Steps to reproduce ]

      1. Enable Audit (http://wiki.alfresco.com/wiki/Audit_Configuration)
      2. Authenticate with CIFS

      [ Actual Result ]

      No row is displayed using select * alf_audit_fact;

      [ Expected Resut ]

      A row should be insert everytime a user is connection.

      [ Analysis | Notes | Observed ...]

      org.alfresco.filesys.server.auth.CifsAuthenticator doesn't seem to have anotation used by audit

      Environment: Alfresco 2.2.5 / MacOS 10 / MySQL / Tomcat / JDK 1.5

      Fixed on latest version? : Audit mechanism is different in last version

        Issue Links

          Activity

          Hide
          Claudia Belardo added a comment -

          So they are prepared to take a Service Pack - as Sp7 has been released how can we do this?

          Show
          Claudia Belardo added a comment - So they are prepared to take a Service Pack - as Sp7 has been released how can we do this?
          Hide
          dward added a comment -

          Please backport the following revisions to V2.2

          V3.1:

          17314: ETHREEOH-3158: Fix RepoServerMgmt to work with external authentication methods

          • AuthenticationService.getCurrentTicket / getNewTicket now call pre authentication check before issuing a new ticket, thus still allowing ticket enforcement when external authentication is in use.

          V3.2:

          17456: Fix for: ETHREEOH-1465: It's impossible to get the login history for a given user (Audit)

          • all authentication routes (SSO and password) can now audit getting a new ticket for a session. SSO does not authenticate via the alfresco AuthenticationService API
          • you can now use auditing to track new sessions for users.
          Show
          dward added a comment - Please backport the following revisions to V2.2 V3.1: 17314: ETHREEOH-3158 : Fix RepoServerMgmt to work with external authentication methods AuthenticationService.getCurrentTicket / getNewTicket now call pre authentication check before issuing a new ticket, thus still allowing ticket enforcement when external authentication is in use. V3.2: 17456: Fix for: ETHREEOH-1465 : It's impossible to get the login history for a given user (Audit) all authentication routes (SSO and password) can now audit getting a new ticket for a session. SSO does not authenticate via the alfresco AuthenticationService API you can now use auditing to track new sessions for users.
          Hide
          dward added a comment -

          The bug concerns the fact that there is no audit event generated by AuthenticationComponent.getNewTicket(), which is the only even we can track for both SSO authentication and CIFS authentication. So doing this will work for CIFS too.

          Show
          dward added a comment - The bug concerns the fact that there is no audit event generated by AuthenticationComponent.getNewTicket(), which is the only even we can track for both SSO authentication and CIFS authentication. So doing this will work for CIFS too.
          Hide
          dward added a comment -

          I see what you mean now. The ACT ticket seems to be for an unrelated issue. I have asked for more information.

          Please fix the issue described in the bug on the V2.2 branch and we will worry about merging it into V3.2 and HEAD.

          Show
          dward added a comment - I see what you mean now. The ACT ticket seems to be for an unrelated issue. I have asked for more information. Please fix the issue described in the bug on the V2.2 branch and we will worry about merging it into V3.2 and HEAD.
          Hide
          dward added a comment -

          Now required as a hotfix on 2.2.7 as they missed the service pack.

          Show
          dward added a comment - Now required as a hotfix on 2.2.7 as they missed the service pack.
          Hide
          dward added a comment -

          Mike

          FYI we have clarified that the bug reported is the bug that needs fixing and the ACT case has been updated to reflect this. Please backport as requested.

          Show
          dward added a comment - Mike FYI we have clarified that the bug reported is the bug that needs fixing and the ACT case has been updated to reflect this. Please backport as requested.
          Hide
          Steve Rigby added a comment -

          Can you get relevant details from Mike as required please.

          For retest in 2.2.7.1

          Show
          Steve Rigby added a comment - Can you get relevant details from Mike as required please. For retest in 2.2.7.1
          Hide
          Alfresco QA Team added a comment -

          Successfully validated in Alfresco 2.2.7 (.1 6) using RHEL 5.1 x64, Tomcat 5.5.27, Mysql 5.1.35, JDK 5u17, Kerberos

          Show
          Alfresco QA Team added a comment - Successfully validated in Alfresco 2.2.7 (.1 6) using RHEL 5.1 x64, Tomcat 5.5.27, Mysql 5.1.35, JDK 5u17, Kerberos

            People

            • Assignee:
              Closed Bugs
              Reporter:
              Thomas Goirand
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: