2954829e3e
Due to the multi-threaded AMQP implementation the ThreadLocal variables used by the AuditLogger to track the username and remote address don't work properly. Changes include: - Passing the audit Subject (set during authentication) and the remote address explicitly for audit logging on the relevant ServerSession methods rather than relying on the AuditLogger's ThreadLocal variables - Audit logging core session creation *after* successful authentication so that we have the proper Subject; this is especially important for the SSL certificate authentication use-case - Renaming some methods and variables in AuditLogger to more accurately reflect their intended use - Adding JavaDoc and refactoring the getCaller methods on AuditLogger - Refactor audit log testing and add a new test |
||
|---|---|---|
| .. | ||
| src | ||
| pom.xml | ||