periodic-rotating-file-audit-log / size-rotating-file-audit-log configuration does not persist when file-audit-log is not defined in elytron subsystem in EAP 7.1

Solution Unverified - Updated 14 Jun 2024

Environment

Red Hat JBoss Enterprise Application Platform (EAP) 7.1
Elytron subsystem

Issue

periodic-rotating-file-audit-log (or size-rotating-file-audit-log) configuration does not persist when file-audit-log is not defined in the elytron subsystem in JBoss EAP 7.1.

I executed the following CLI to configure periodic-rotating-file-audit-log instead of the default file-audit-log:

[standalone@localhost:9990 /] /subsystem=elytron/file-audit-log=local-audit:remove
{
    "outcome" => "success",
    "response-headers" => {
        "operation-requires-reload" => true,
        "process-state" => "reload-required"
    }
}
[standalone@localhost:9990 /] :reload
{
    "outcome" => "success",
    "result" => undefined
}
[standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:add(path="my_periodic_audit.log",relative-to="jboss.server.log.dir",format=SIMPLE,synchronized=false,suffix=".yyyy-MM-dd-HH")
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:read-resource
{
    "outcome" => "success",
    "result" => {
        "format" => "SIMPLE",
        "path" => "my_periodic_audit.log",
        "relative-to" => "jboss.server.log.dir",
        "suffix" => ".yyyy-MM-dd-HH",
        "synchronized" => false
    }
}

However, the configuration does not persist, so it becomes ineffective after restarting the server:

[standalone@localhost:9990 /] :reload
{
    "outcome" => "success",
    "result" => undefined
}
[standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:read-resource
{
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0216: Management resource '[
    (\"subsystem\" => \"elytron\"),
    (\"periodic-rotating-file-audit-log\" => \"my_periodic_audit_log\")
]' not found",
    "rolled-back" => true
}

Resolution

This is a bug and the following JIRA is opened for this issue. This issue will be tentatively fixed in EAP 7.1.6 or later:

EAP 7.1.z: <Content from issues.jboss.org is not included.https://issues.jboss.org/browse/JBEAP-15472>

Note: The Elytron subsystem has been redesigned in EAP 7.2.0 (wildfly-core 6.0.x) by the following JIRA, so the same issue does not happen in EAP 7.2 or later:

EAP 7.2.z: <Content from issues.jboss.org is not included.https://issues.jboss.org/browse/JBEAP-11502>, which will be fixed in 7.2.0 or later
Upstream: <Content from issues.jboss.org is not included.https://issues.jboss.org/browse/WFCORE-2882>, which has been fixed in WildFly 12 or later

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.