KNOX-3104 - Add groups to the RemoteAuthProvider audit entry (apache#1000)

lmccay · web-flow · commit 139f01751200 · 2025-03-02T10:59:06.000-05:00
diff --git a/gateway-provider-security-authc-remote/src/main/java/org/apache/knox/gateway/filter/RemoteAuthFilter.java b/gateway-provider-security-authc-remote/src/main/java/org/apache/knox/gateway/filter/RemoteAuthFilter.java
@@ -178,7 +178,11 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
           context.setUsername( principalName );
           auditService.attachContext(context);
           String sourceUri = (String)request.getAttribute( AbstractGatewayFilter.SOURCE_REQUEST_CONTEXT_URL_ATTRIBUTE_NAME );
-          auditor.audit( Action.AUTHENTICATION , sourceUri, ResourceType.URI, ActionOutcome.SUCCESS );
+          auditor.audit(Action.AUTHENTICATION, sourceUri, ResourceType.URI,
+                  ActionOutcome.SUCCESS, "Groups: " + Arrays.toString(subject.getPrincipals(GroupPrincipal.class)
+                          .stream()
+                          .map(GroupPrincipal::getName)
+                          .toArray(String[]::new)));
         }
 
         continueWithEstablishedSecurityContext(subject, httpRequest, httpResponse, filterChain);
