Marcelo Vanzin created HBASE-6393:
-------------------------------------
Summary: Decouple audit event creation from storage in AccessController
Key: HBASE-6393
URL: https://issues.apache.org/jira/browse/HBASE-6393
Project: HBase
Issue Type: Brainstorming
Components: security
Reporter: Marcelo Vanzin
Currently, AccessController takes care of both generating audit events (by
performing access checks) and storing them (by creating a log message and
writing it to the AUDITLOG logger).
This makes the logging system the only way to catch audit events. It means that
if someone wants to do something fancier (like writing these records to a
database somewhere), they need to hack through the logging system, and parse
the messages generated by AccessController, which is not optimal.
The attached patch decouples generation and storage by introducing a new
interface, used by AccessController, to log the audit events. The current,
log-based storage is kept in place so that current users won't be affected by
the change.
I'm filing this as an RFC at this point, so the patch is not totally clean;
it's on top of HBase 0.92 (which is easier for me to test) and doesn't have any
unit tests, for starters. But the changes should be very similar on trunk - I
don't remember changes in this particular area of the code between those
versions.
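A sketch of the decoupling described in this issue, added here as an illustration; it is not the attached patch or HBase code. Every name in it (`AuditEvent`, `AuditSink`, `LogAuditSink`, `InMemoryAuditSink`, `checkAccess`) is hypothetical, the log line format is made up, `java.util.logging` stands in for the AUDITLOG logger, and Java 16 or later is assumed for `record`.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Logger;

// Hypothetical names throughout; this is not the attached patch or HBase's API.
public class AuditDecouplingExample {

    // Structured audit event: sinks receive fields, not a formatted string.
    record AuditEvent(long timestamp, String user, String action,
                      String table, boolean allowed, String reason) {}

    // The seam between event generation and event storage.
    interface AuditSink {
        void emit(AuditEvent event);
    }

    // Default sink: keeps the existing behaviour of writing one log line per event.
    static class LogAuditSink implements AuditSink {
        private static final Logger AUDITLOG = Logger.getLogger("audit");
        @Override public void emit(AuditEvent e) {
            AUDITLOG.info((e.allowed() ? "Access allowed" : "Access denied")
                + " for user " + e.user() + "; reason: " + e.reason()
                + "; action: " + e.action() + "; table: " + e.table());
        }
    }

    // Alternative sink standing in for a database writer; no log parsing needed.
    static class InMemoryAuditSink implements AuditSink {
        final List<AuditEvent> rows = new ArrayList<>();
        @Override public synchronized void emit(AuditEvent e) { rows.add(e); }
    }

    // Stand-in for the access check: decides, then hands the event to the sink.
    static boolean checkAccess(AuditSink sink, String user, String action,
                               String table, boolean permitted) {
        String reason = permitted ? "Table permission granted" : "Insufficient permissions";
        sink.emit(new AuditEvent(System.currentTimeMillis(), user, action,
                                 table, permitted, reason));
        return permitted;
    }

    public static void main(String[] args) {
        InMemoryAuditSink db = new InMemoryAuditSink();
        checkAccess(new LogAuditSink(), "alice", "READ", "orders", true);  // constructed sample
        checkAccess(db, "mallory", "WRITE", "orders", false);              // constructed sample
        long denied = db.rows.stream().filter(e -> !e.allowed()).count();
        System.out.println("denied events stored: " + denied);
    }
}
```

Because the alternative sink receives typed fields, a consumer can filter on `allowed` or `user` directly rather than depending on the wording of a log message staying stable.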