Looks fine: What was done:
1. Creating some convenience functions to do the actual auditing. 2. Making sure we have auditing for the calls where things are changed such as configuration /profile changes, or changing a token's state. 3. Making sure there are audit messages for the various error conditions caught in exceptions. I also took a look at a bunch of samples and they look good. I did not spend days making sure every possible case it covered, but the code and the framework looks good. Any holes will be discovered later. ACK ----- Original Message ----- > From: "Christina Fu" <c...@redhat.com> > To: "pki-devel" <pki-devel@redhat.com> > Sent: Thursday, 24 March, 2016 4:32:56 PM > Subject: [Pki-devel] [PATCH] > pki-cfu-0116-Ticket-1006-Audit-logging-for-TPS-REST-operations.patch > > Attached please find the patch for ticket 1006: > https://fedorahosted.org/pki/ticket/1006 Audit logging for TPS REST > operations > > Most of the work is on > 1. finding the right places to place the audit calls > 2. deciding on what should be audited: since all read operations are > captured by AUTZ, the REST operations audited are only write operations > 3. deciding on the audit events that should be provided for the operations > 4. making needed information available at the places where auditing is > happening > > thanks > Christina > > _______________________________________________ > Pki-devel mailing list > Pki-devel@redhat.com > https://www.redhat.com/mailman/listinfo/pki-devel _______________________________________________ Pki-devel mailing list Pki-devel@redhat.com https://www.redhat.com/mailman/listinfo/pki-devel