dogtagpki / pki

The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.
https://www.dogtagpki.org
GNU General Public License v2.0

Audit log messages missing when userKey profile is disabled and token enrollment is attempted #3016

Open pki-bot opened 4 years ago

pki-bot commented 4 years ago

This issue was migrated from Pagure Issue #2898. Originally filed by mharmsen (@mharmsen) on 2018-01-09 21:32:40:


Audit log messages missing when profile is disabled and token enrollment is attempted

Steps to Reproduce:

1. Disable userKey profile using TPS UI.
2. Enroll a smartcard token.

Actual results:

Enrollment fails but no failure messages in TPS audit log.

0.http-bio-25443-exec-9 - [04/Aug/2017:13:19:22 EDT] [14] [6] [AuditEvent=AUTHZ_SUCCESS][SubjectID=tpsadmin][Outcome=Success][aclResource=null][Op=null][Info=no ACL configured; OK:ProfileResource.changeStatus] authorization success
0.http-bio-25443-exec-9 - [04/Aug/2017:13:19:22 EDT] [14] [6] [AuditEvent=CONFIG_TOKEN_PROFILE][SubjectID=tpsadmin][Outcome=Success][Service=ProfileService.changeStatus][ProfileID=userKey][ParamNameValPairs=+Status;;Disabled+Action;;disable+profileID;;userKey][Info=null] token profile configuration parameter(s) change
0.http-bio-25443-exec-9 - [04/Aug/2017:13:19:22 EDT] [14] [6] [AuditEvent=AUTHZ_SUCCESS][SubjectID=tpsadmin][Outcome=Success][aclResource=certServer.tps.profiles][Op=read][Info=ProfileResource.getProfile] authorization success
0.http-bio-25080-exec-10 - [04/Aug/2017:13:19:52 EDT] [14] [6] [AuditEvent=TOKEN_OP_REQUEST][IP=10.13.129.77][CUID=4090614575C1240E0327][MSN=FF%FF%FF%FF%][Outcome=success][OP=enroll][AppletVersion=1.4.58768072] token processor op request made
0.http-bio-25443-exec-2 - [04/Aug/2017:13:21:24 EDT] [14] [6] [AuditEvent=ACCESS_SESSION_TERMINATED][ClientIP=10.19.34.100][ServerIP=10.8.60.15][SubjectID=CN=PKI Administrator,E=tpsadmin@idm.lab.eng.rdu2.redhat.com,OU=pki-tps-Jul26,O=pki-ca-Jul26-sec-domain][Outcome=Success][Info=CLOSE_NOTIFY] access session terminated
0.http-bio-25443-exec-9 - [04/Aug/2017:13:21:28 EDT] [14] [6] [AuditEvent=ACCESS_SESSION_TERMINATED][ClientIP=10.19.34.100][ServerIP=10.8.60.15][SubjectID=CN=PKI Administrator,E=tpsadmin@idm.lab.eng.rdu2.redhat.com,OU=pki-tps-Jul26,O=pki-ca-Jul26-sec-domain][Outcome=Success][Info=CLOSE_NOTIFY] access session terminated
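
A check for the gap this report describes, as an added example (not Dogtag code and not part of the original issue): it parses audit lines in the format shown above and lists `TOKEN_OP_REQUEST` events that no later event with the same CUID follows. It assumes that an event recording the result of a token operation would carry the token's CUID; the second token and the `EXAMPLE_OUTCOME_EVENT` name are constructed placeholders.

```python
import re

# Each [Key=Value] field of a TPS audit line. The timestamp and the bare
# numeric brackets ([14], [6]) contain no "Key=" and are skipped.
FIELD_RE = re.compile(r"\[([A-Za-z]+)=([^\]]*)\]")

# First line is the TOKEN_OP_REQUEST entry from the issue; the other two are
# constructed, and EXAMPLE_OUTCOME_EVENT is a placeholder, not a Dogtag event.
SAMPLE = [
    "0.http-bio-25080-exec-10 - [04/Aug/2017:13:19:52 EDT] [14] [6] "
    "[AuditEvent=TOKEN_OP_REQUEST][IP=10.13.129.77][CUID=4090614575C1240E0327]"
    "[MSN=FF%FF%FF%FF%][Outcome=success][OP=enroll][AppletVersion=1.4.58768072] "
    "token processor op request made",
    "0.http-bio-25080-exec-11 - [04/Aug/2017:13:25:00 EDT] [14] [6] "
    "[AuditEvent=TOKEN_OP_REQUEST][IP=192.0.2.10][CUID=0000000000000000AAAA]"
    "[Outcome=success][OP=enroll] token processor op request made",
    "0.http-bio-25080-exec-11 - [04/Aug/2017:13:25:05 EDT] [14] [6] "
    "[AuditEvent=EXAMPLE_OUTCOME_EVENT][CUID=0000000000000000AAAA]"
    "[Outcome=failure][Info=constructed] constructed follow-up",
]

def parse_audit_line(line):
    """Return the [Key=Value] fields of one audit line as a dict, or None."""
    fields = dict(FIELD_RE.findall(line))
    return fields if "AuditEvent" in fields else None

def unanswered_requests(lines):
    """Return TOKEN_OP_REQUEST events with no later event for the same CUID.
    Assumption: an event recording the operation's result carries the CUID."""
    pending = {}   # CUID -> fields of the request still waiting for an outcome
    orphans = []
    for line in lines:
        fields = parse_audit_line(line)
        if fields is None or "CUID" not in fields:
            continue
        cuid = fields["CUID"]
        if fields["AuditEvent"] == "TOKEN_OP_REQUEST":
            if cuid in pending:  # a new request arrived before any outcome
                orphans.append(pending[cuid])
            pending[cuid] = fields
        else:
            pending.pop(cuid, None)  # some follow-up event was recorded
    orphans.extend(pending.values())
    return orphans

if __name__ == "__main__":
    print([(r["CUID"], r["OP"]) for r in unanswered_requests(SAMPLE)])
```
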
pki-bot commented 4 years ago

Comment from mharmsen (@mharmsen) at 2018-01-09 21:33:00

Metadata Update from @mharmsen: