Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-60550

Audit event listener for anonymous search floods the atlassian-confluence.log file

XMLWordPrintable

      Issue Summary

      The addition of user search auditing in Confluence 7.8 generates a red herring error in the application log file when an Anonymous user performs a site search.

      The class SearchAuditListener.java was added to the plugin version 0.6.0 – confluence-auditing-coverage-0.6.0. Version 0.5.7 of this plugin doesn't trigger this error, so, versions before 7.8 are not affected by this problem.

      Steps to Reproduce

      1. Install Confluence
      2. Go to Global Permission page
      3. Edit permissions to give Anonymous users the Can Use permission
      4. Log out, use another browser or incognito mode, and access Confluence as an Anonymous user
      5. Perform a search
      6. Open the atlassian-confluence.log file and notice an error

      Expected Results

      Error is treated or filtered to not show up

      Actual Results

      A single search from an anonymous user may generate 5 to 15 stack trace in the atlassian-confluence.log file:

      2020-12-01 12:42:53,403 ERROR [http-nio-8090-exec-8] [atlassian.confluence.event.ConfluenceEventDispatcher] run There was an exception thrown trying to dispatch event [com.atlassian.confluence.event.events.search.SiteSearchAuditEvent@b1d4e4b] from the invoker [SingleParameterMethodListenerInvoker{method=public void com.atlassian.confluence.plugins.auditing.listeners.SearchAuditListener.onSiteSearchAuditEvent(com.atlassian.confluence.event.events.search.SiteSearchAuditEvent), listener=com.atlassian.confluence.plugins.auditing.listeners.SearchAuditListener@315a8fce} (timed)]
 -- referer: http://localhost:8090/ | url: /rest/api/search | traceId: aebfcd02cf893ee1 | userName: anonymous
java.lang.RuntimeException: Listener: com.atlassian.confluence.plugins.auditing.listeners.SearchAuditListener event: com.atlassian.confluence.event.events.search.SiteSearchAuditEvent
...
Caused by: java.lang.NullPointerException
	at com.atlassian.confluence.plugins.auditing.listeners.SearchAuditListener.onSiteSearchAuditEvent(SearchAuditListener.java:60)

      Workaround

      1. Go to Custom HTML page
      2. Click edit
      3. Add the following to At the end of the HEAD section and click Save: 
        <script type="text/javascript">
    AJS.toInit(function(){
        if (AJS.params.remoteUser == ''){
          AJS.$('#quick-search-query').hide();
        }
    });
</script>

        This will hide the search bar for anonymous users.

            [CONFSERVER-60550] Audit event listener for anonymous search floods the atlassian-confluence.log file

            There are no comments yet on this issue.

              Unassigned Unassigned
              ajardim Artur J
              Affected customers:
              0 This affects my team
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: