-
Bug
-
Resolution: Fixed
-
Low
-
7.8.1, 7.9.1
-
None
-
1
-
Severity 3 - Minor
-
Issue Summary
The addition of user search auditing in Confluence 7.8 generates a red herring error in the application log file when an Anonymous user performs a site search.
The class SearchAuditListener.java was added to the plugin version 0.6.0 – confluence-auditing-coverage-0.6.0. Version 0.5.7 of this plugin doesn't trigger this error, so, versions before 7.8 are not affected by this problem.
Steps to Reproduce
- Install Confluence
- Go to Global Permission page
- Edit permissions to give Anonymous users the Can Use permission
- Log out, use another browser or incognito mode, and access Confluence as an Anonymous user
- Perform a search
- Open the atlassian-confluence.log file and notice an error
Expected Results
Error is treated or filtered to not show up
Actual Results
A single search from an anonymous user may generate 5 to 15 stack trace in the atlassian-confluence.log file:
2020-12-01 12:42:53,403 ERROR [http-nio-8090-exec-8] [atlassian.confluence.event.ConfluenceEventDispatcher] run There was an exception thrown trying to dispatch event [com.atlassian.confluence.event.events.search.SiteSearchAuditEvent@b1d4e4b] from the invoker [SingleParameterMethodListenerInvoker{method=public void com.atlassian.confluence.plugins.auditing.listeners.SearchAuditListener.onSiteSearchAuditEvent(com.atlassian.confluence.event.events.search.SiteSearchAuditEvent), listener=com.atlassian.confluence.plugins.auditing.listeners.SearchAuditListener@315a8fce} (timed)] -- referer: http://localhost:8090/ | url: /rest/api/search | traceId: aebfcd02cf893ee1 | userName: anonymous java.lang.RuntimeException: Listener: com.atlassian.confluence.plugins.auditing.listeners.SearchAuditListener event: com.atlassian.confluence.event.events.search.SiteSearchAuditEvent ... Caused by: java.lang.NullPointerException at com.atlassian.confluence.plugins.auditing.listeners.SearchAuditListener.onSiteSearchAuditEvent(SearchAuditListener.java:60)
Workaround
- Go to Custom HTML page
- Click edit
- Add the following to At the end of the HEAD section and click Save:
<script type="text/javascript"> AJS.toInit(function(){ if (AJS.params.remoteUser == ''){ AJS.$('#quick-search-query').hide(); } }); </script>
This will hide the search bar for anonymous users.
- mentioned in
-
Page Loading...