[knox] branch master updated: KNOX-2808 - Added log entries upon successful/failed token impersonation (#637)

Mon, 26 Sep 2022 05:41:03 -0700 

This is an automated email from the ASF dual-hosted git repository.

smolnar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git


The following commit(s) were added to refs/heads/master by this push:
     new a73608cbd KNOX-2808 - Added log entries upon successful/failed token 
impersonation (#637)
a73608cbd is described below

commit a73608cbd61d3801760ce514c193329d641bb4f0
Author: Sandor Molnar <[email protected]>
AuthorDate: Mon Sep 26 14:40:24 2022 +0200

    KNOX-2808 - Added log entries upon successful/failed token impersonation 
(#637)
---
 .../org/apache/knox/gateway/service/knoxtoken/TokenResource.java    | 2 ++
 .../apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java | 6 ++++++
 2 files changed, 8 insertions(+)

diff --git 
a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
 
b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
index 42f25bc32..e93f369e7 100644
--- 
a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
+++ 
b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
@@ -730,7 +730,9 @@ public class TokenResource {
           AuthFilterUtils.authorizeImpersonationRequest(request, doAsUser);
           createdBy = userName;
           userName = doAsUser;
+          log.tokenImpersonationSuccess(userName, doAsUser);
         } catch (AuthorizationException e) {
+          log.tokenImpersonationFailed(e);
           return Response.status(Response.Status.FORBIDDEN).entity("{ \"" + 
e.getMessage() + "\" }").build();
         }
       }
diff --git 
a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java
 
b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java
index 6208cbce7..4fe620933 100644
--- 
a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java
+++ 
b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java
@@ -89,4 +89,10 @@ public interface TokenServiceMessages {
 
   @Message( level = MessageLevel.INFO, text = "{0}")
   void generalInfoMessage(String message);
+
+  @Message( level = MessageLevel.DEBUG, text = "Token impersonation 
successful: {0}/{1}" )
+  void tokenImpersonationSuccess(String userName, String doAs);
+
+  @Message( level = MessageLevel.DEBUG, text = "Token impersonation failed: 
{0}" )
+  void tokenImpersonationFailed(@StackTrace Throwable t);
 }

Reply via email to