Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-25627

audit message for LDAP connection change should be more specific what was updated

    Details

    • Type: Improvement
    • Status: New
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.28.1
    • Fix Version/s: None
    • Component/s: Audit, LDAP
    • Labels:
    • Notability:
      n/a

      Description

      If an administrator creates or updates an LDAP connection, then the following audit event is recorded, the type will be created or updated:

      Example:

      {
        "timestamp": "2020-10-22 15:57:36,157-0300",
        "nodeId": "AA6AA580-E8B43137-12549DA5-3A44B6AE-A3FEDB78",
        "initiator": "admin/127.0.0.1",
        "domain": "security.ldap",
        "type": "update",
        "context": "test",
        "thread": "qtp386419747-177",
        "attributes": {
          "id": "96e8f724-b6c1-4da6-8b6a-8dca9165285e",
          "name": "test",
          "order": "2147483647"
        }
      }
      

      The audit event does not tell us what part of the LDAP connection config changed.

      Expected

      When an LDAP connection is updated, record in the audit log "what" configuration parts are changed, but for security reasons, not what the actual old / new values are.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            plynch Peter Lynch
            Last Updated By:
            Wes Wannemacher Wes Wannemacher
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Date of First Response:

                tigCommentSecurity.panel-title