[
https://issues.apache.org/jira/browse/ACCUMULO-3939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14637779#comment-14637779
]
James Mello commented on ACCUMULO-3939:
---------------------------------------
||Action||Log Success||Log Failure||
|User Login| Y | Y |
|User Logout| N | N |
|Get User Authorizations| Y | Y |
|Change User Authorizations | Y | Y |
|Change User Password| Y | Y |
|Create User| Y | Y |
|Drop User| Y | Y |
|Grant SYSTEM Permissions| Y | Y |
|Grant TABLE Permissions| Y | Y |
|Revoke SYSTEM Permissions| Y | Y |
|Revoke TABLE Permissions| Y | Y |
|Create Table| N | Y |
|Drop Table| Y | Y |
|Rename Table| N | Y |
|Clone Table| N | Y |
|Compact Table | ? | Y |
|Merge Table | ? | Y |
|Offline Table | | Y |
|Online Table | | Y |
> Accumulo AuditedSecurityOperation is not initialized properly
> -------------------------------------------------------------
>
> Key: ACCUMULO-3939
> URL: https://issues.apache.org/jira/browse/ACCUMULO-3939
> Project: Accumulo
> Issue Type: Bug
> Affects Versions: 1.5.3
> Reporter: James Mello
> Priority: Critical
> Labels: easyfix
> Attachments: ACCUMULO-3939.patch, generic_logger.xml
>
>
> While reading the source I found out that the AuditedSecurityOperation is
> never initialized properly.
> The AuditSecurityOperation does not contain a getInstance() static method.
> This in turn just calls the SecurityOperation getInstance() method. Because
> this is called in a static manner the getInstance(String instanceId, boolean
> initialize) is called against the SecurityOperation class not the
> AuditedSecurityOperation class.
> This should just be a simple fix that adds the getInstance() method to the
> AuditedSecurityOperation class.
> This is critical as we are in need of this security auditing to meet
> Information Assurance requirements for an upcoming major release of our
> software.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
