[ 
https://issues.apache.org/jira/browse/HBASE-27528?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17655803#comment-17655803
 ] 

Beibei Zhao edited comment on HBASE-27528 at 1/8/23 3:38 PM:
-------------------------------------------------------------

[~bbeaudreault]
Thanks for your reply! You are right!
I found a path from *revoke* to *AccessChecker* (log for deny or allow for a 
request). So there is a *log duplication* issue, I'll commit the code later.


was (Author: JIRAUSER296385):
[~bbeaudreault]
Thanks for your reply! You are right!
I found a path from *revoke* to *AccessChecker* (log for deny or allow for a 
request). So there is a log duplication issue, I'll commit the code later.


> Add audit logs in MasterRpcServices
> -----------------------------------
>
>                 Key: HBASE-27528
>                 URL: https://issues.apache.org/jira/browse/HBASE-27528
>             Project: HBase
>          Issue Type: Improvement
>          Components: logging, master, rpc, security
>            Reporter: Beibei Zhao
>            Priority: Major
>
> MasterRpcServices records audit logs in privileged operations (grant, revoke) 
> and vital APIs like "execMasterService".
>  
> {code:java}
> public ClientProtos.CoprocessorServiceResponse execMasterService(final RpcController controller,
>     ......
>       String remoteAddress = RpcServer.getRemoteAddress().map(InetAddress::toString).orElse("");
>       User caller = RpcServer.getRequestUser().orElse(null);
>       AUDITLOG.info("User {} (remote address: {}) master service request for {}.{}", caller,
>         remoteAddress, serviceName, methodName);
>       return CoprocessorRpcUtils.getResponse(execResult, HConstants.EMPTY_BYTE_ARRAY);
>     } catch (IOException ie) {
>       throw new ServiceException(ie);
>     }
>   }
> {code}
> There are many "write" operations like "deleteTable", which may cause 
> security problems and should also record an audit log.
> {code:java}
>   public DeleteTableResponse deleteTable(RpcController controller, DeleteTableRequest request)
>     throws ServiceException {
>     try {
>       long procId = server.deleteTable(ProtobufUtil.toTableName(request.getTableName()),
>         request.getNonceGroup(), request.getNonce());
>       // an audit log is required here.
>       return DeleteTableResponse.newBuilder().setProcId(procId).build();
>     } catch (IOException ioe) {
>       throw new ServiceException(ioe);
>     }
>   }
> {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
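
The two points raised in this thread (write RPCs such as deleteTable need an audit record, and revoke must not be logged twice because the access-check path already logs it) can be sketched as follows. This is an added example, not HBase code and not the patch discussed here: AuditDemo, CallContext, auditRequest and audited are hypothetical names, the AUDITLOG list stands in for the real logger, and the user names and addresses are constructed sample values.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.function.Supplier;

/** Added illustration; none of these types are HBase classes. */
public class AuditDemo {
  /** Per-RPC state; stands in for what RpcServer.getRequestUser()/getRemoteAddress() supply. */
  static final class CallContext {
    final String user, remoteAddress;
    boolean requestAudited; // set once any layer has recorded this request
    CallContext(String user, String remoteAddress) {
      this.user = user;
      this.remoteAddress = remoteAddress;
    }
  }

  static final List<String> AUDITLOG = new ArrayList<>(); // stand-in for the audit logger

  /** Records the request at most once per call, whichever layer gets there first. */
  static void auditRequest(CallContext ctx, String op, String target) {
    if (ctx.requestAudited) return; // e.g. the access-check layer already logged it
    ctx.requestAudited = true;
    AUDITLOG.add(String.format("User %s (remote address: %s) request for %s %s",
      ctx.user, ctx.remoteAddress, op, target));
  }

  /** Audits before executing, so failed attempts are recorded too; failures add a second line. */
  static <T> T audited(CallContext ctx, String op, String target, Supplier<T> body) {
    auditRequest(ctx, op, target);
    try {
      return body.get();
    } catch (RuntimeException e) {
      AUDITLOG.add(String.format("User %s (remote address: %s) %s %s failed: %s",
        ctx.user, ctx.remoteAddress, op, target, e.getMessage()));
      throw e;
    }
  }

  public static void main(String[] args) {
    // deleteTable: no other layer logs it, so the RPC layer writes the record.
    audited(new CallContext("alice", "/10.0.0.5"), "deleteTable", "ns:t1", () -> 42L);
    // revoke: the access-check layer logs first, so the RPC layer adds nothing.
    CallContext revoke = new CallContext("bob", "/10.0.0.6");
    auditRequest(revoke, "revoke", "ns:t1");
    audited(revoke, "revoke", "ns:t1", () -> Boolean.TRUE);
    // A failing write still leaves a request record plus a failure record.
    try {
      audited(new CallContext("carol", "/10.0.0.7"), "deleteTable", "ns:missing",
        () -> { throw new IllegalStateException("table not found"); });
    } catch (IllegalStateException expected) { /* already audited */ }
    AUDITLOG.forEach(System.out::println);
  }
}
```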
