Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
2.0.0-M2
-
None
Description
Following the upgrade to Jetty 12 and related libraries, the username field is never populated in the HTTP Request Log sent to nifi-request.log.
The problem is due to an attribute name mismatch between two different packages containing the same Jetty AuthenticationState interface. This interface provides the request attribute name that the Jetty CustomRequestLog uses to determine the authenticated user. Without setting the correct attribute name, the Jetty RequestLog cannot determine the authenticated user, resulting in an empty value regardless of user authentication status.
This lack of logging does not impact authentication and authorization processing, and additional logging can be configured for Spring Security loggers to track user authentication in the impacted version.
Attachments
Issue Links
- links to
