Hello Daniel, Here is mailing list space for Apache Geode user. And also, your question is based on older Security Framework, which has been obsoleted with Apache Geode.
The new security framework brought from Apache Geode based on Apache Shiro is totally different from older GemFire's framework. You don't need to implement AccessControl interface for specific authorization module any more. Instead, you just implement SecurityManager interface for both authentication and authorization implementation in your consolidated security manager class. Actually, you can authorize any requests based on more granular level with using new security framework like below. http://geode.apache.org/docs/guide/12/managing/security/ implementing_authorization.html If you still want to ask questions on older security framework, you can ask questions on Pivotal GemFire forum or file a support ticket for Pivotal Support. [Pivotal GemFire forum] https://discuss.pivotal.io/hc/en-us/community/topics/ 200053218-Pivotal-GemFire-Forum [Pivotal Support] https://support.pivotal.io/ Thanks. -- Akihiro Kitada | Staff Customer Engineer | +81 80 3716 3736 Support.Pivotal.io <http://support.pivotal.io/> | Mon-Fri 9:00am to 5:30pm JST | 1-877-477-2269 [image: support] <https://support.pivotal.io/> [image: twitter] <https://twitter.com/pivotal> [image: linkedin] <https://www.linkedin.com/company/3048967> [image: facebook] <https://www.facebook.com/pivotalsoftware> [image: google plus] <https://plus.google.com/+Pivotal> [image: youtube] <https://www.youtube.com/playlist?list=PLAdzTan_eSPScpj2J50ErtzR9ANSzv3kl> 2017-10-24 19:08 GMT+09:00 Vedamuthu, Daniel Pravin < [email protected]>: > Hi Team, > > > > We are trying to do some audit logging on the Gemfire server side for > every client operation, as per our requirement we need to log details like > timestamp, client name, operation/function, client system IP, payload and > response time. In order to do this we tried to use the Gemfire > Authentication and Authorization framework, we have an implementation of > AccessControl interface and have our log statements in the > authorizeOperation method for both pre and post calls, but we ran into some > issues and we need help to proceed further. > > > > Using this approach we are able to get most of the details, except for > response time, originally we planned get the response time by getting the > difference in time between the pre and post-calls to authorizeOperations > for the same operation, but turns out the post-operation call is not > invoked for DESTROY, PUT, etc. and based on clarification from the Pivotal > support we understand that the reason for this is because these operations > do not return any information back. > > > > We would like to know if there is any other way to log all the required > information for audit purposes for each client operation/call. Please let > me know if you need any additional information. Thanks > > > > Regards > > Daniel > > Citi > > >
