Apache
 » 
Archiva
 » 
Archiva - Issues

[jira] Created: (MRM-1244) Improve Authorization Denied log message

View: New views
3 Messages — Rating Filter:   Alert me  

[jira] Created: (MRM-1244) Improve Authorization Denied log message

by JIRA jira@codehaus.org :: Rate this Message:

Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message

Improve Authorization Denied log message
----------------------------------------

                 Key: MRM-1244
                 URL: http://jira.codehaus.org/browse/MRM-1244
             Project: Archiva
          Issue Type: Improvement
    Affects Versions: 1.2.2
            Reporter: Wendy Smoak


I see this in archiva.log

2009-09-02 08:05:42,086 [btpool0-0] INFO  org.apache.maven.archiva.security.ArchivaServletAuthenticator  - Authorization Denied [ip=127.0.0.1,permission=archiva-read-repository,repo=internal] : no matching permissions

Can this message be improved to include
 1. the file being accessed
 2. the username that tried to access it
?

Sometimes you can correlate times with the Jetty access log and figure it out.  (In my environment it's usually the guest user missing a repo observer role.)


--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

       

[jira] Updated: (MRM-1244) Improve Authorization Denied log message

by JIRA jira@codehaus.org :: Rate this Message:

Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message


     [ http://jira.codehaus.org/browse/MRM-1244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Brett Porter updated MRM-1244:
------------------------------

    Fix Version/s: 1.2.3

> Improve Authorization Denied log message
> ----------------------------------------
>
>                 Key: MRM-1244
>                 URL: http://jira.codehaus.org/browse/MRM-1244
>             Project: Archiva
>          Issue Type: Improvement
>    Affects Versions: 1.2.2
>            Reporter: Wendy Smoak
>             Fix For: 1.2.3
>
>
> I see this in archiva.log
> 2009-09-02 08:05:42,086 [btpool0-0] INFO  org.apache.maven.archiva.security.ArchivaServletAuthenticator  - Authorization Denied [ip=127.0.0.1,permission=archiva-read-repository,repo=internal] : no matching permissions
> Can this message be improved to include
>  1. the file being accessed
>  2. the username that tried to access it
> ?
> Sometimes you can correlate times with the Jetty access log and figure it out.  (In my environment it's usually the guest user missing a repo observer role.)

--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

       

[jira] Updated: (MRM-1244) Improve Authorization Denied log message

by JIRA jira@codehaus.org :: Rate this Message:

Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message


     [ http://jira.codehaus.org/browse/MRM-1244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Maria Odea Ching updated MRM-1244:
----------------------------------

    Fix Version/s:     (was: 1.2.3)
                   1.3

> Improve Authorization Denied log message
> ----------------------------------------
>
>                 Key: MRM-1244
>                 URL: http://jira.codehaus.org/browse/MRM-1244
>             Project: Archiva
>          Issue Type: Improvement
>    Affects Versions: 1.2.2
>            Reporter: Wendy Smoak
>             Fix For: 1.3
>
>
> I see this in archiva.log
> 2009-09-02 08:05:42,086 [btpool0-0] INFO  org.apache.maven.archiva.security.ArchivaServletAuthenticator  - Authorization Denied [ip=127.0.0.1,permission=archiva-read-repository,repo=internal] : no matching permissions
> Can this message be improved to include
>  1. the file being accessed
>  2. the username that tried to access it
> ?
> Sometimes you can correlate times with the Jetty access log and figure it out.  (In my environment it's usually the guest user missing a repo observer role.)

--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

       
Free embeddable forum powered by Nabble Forum Help