Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

More debug logging in realms authenticator #124342

Merged
merged 11 commits into from
Mar 9, 2025
Merged

More debug logging in realms authenticator #124342

merged 11 commits into from
Mar 9, 2025

Conversation

n1v0lg
Copy link
Contributor

@n1v0lg n1v0lg commented Mar 7, 2025

This PR adds debug logging to the realms authenticator, for exceptions around request processing.

@n1v0lg n1v0lg added >non-issue :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) labels Mar 7, 2025
@n1v0lg n1v0lg self-assigned this Mar 7, 2025
@n1v0lg n1v0lg marked this pull request as ready for review March 7, 2025 16:05
@elasticsearchmachine elasticsearchmachine added the Team:Security Meta label for security team label Mar 7, 2025
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

@n1v0lg n1v0lg requested a review from slobodanadamovic March 7, 2025 16:08
jakelandis
jakelandis approved these changes Mar 7, 2025
View reviewed changes
Copy link
Contributor

@jakelandis jakelandis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

...lugin/security/src/main/java/org/elasticsearch/xpack/security/authc/RealmsAuthenticator.java Outdated
@@ -252,6 +252,14 @@ private void consumeToken(Context context, ActionListener<AuthenticationResult<A
listener.onFailure(context.getRequest().authenticationFailed(authenticationToken));
} else {
assert e instanceof AuthenticationTerminatedSuccessfullyException == false : e;
logger.debug(
() -> format(
"An error occurred while attempting to authenticate [%s] with token [%s]",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: s/token/token of type

@n1v0lg n1v0lg added the auto-merge-without-approval Automatically merge pull request when CI checks pass (NB doesn't wait for reviews!) label Mar 9, 2025
@n1v0lg n1v0lg removed the request for review from slobodanadamovic March 9, 2025 11:49
@elasticsearchmachine elasticsearchmachine merged commit b374c48 into elastic:main Mar 9, 2025
22 checks passed
@n1v0lg n1v0lg deleted the debug-log-request-processing-failures-authc branch March 9, 2025 12:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jakelandis jakelandis jakelandis approved these changes

Assignees

@n1v0lg n1v0lg

Labels
auto-merge-without-approval Automatically merge pull request when CI checks pass (NB doesn't wait for reviews!) >non-issue :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) Team:Security Meta label for security team v9.1.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@n1v0lg @elasticsearchmachine @jakelandis