You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by sm...@apache.org on 2022/09/26 12:40:28 UTC

[knox] branch master updated: KNOX-2808 - Added log entries upon successful/failed token impersonation (#637)

This is an automated email from the ASF dual-hosted git repository.

smolnar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git


The following commit(s) were added to refs/heads/master by this push:
     new a73608cbd KNOX-2808 - Added log entries upon successful/failed token impersonation (#637)
a73608cbd is described below

commit a73608cbd61d3801760ce514c193329d641bb4f0
Author: Sandor Molnar <sm...@apache.org>
AuthorDate: Mon Sep 26 14:40:24 2022 +0200

    KNOX-2808 - Added log entries upon successful/failed token impersonation (#637)
---
 .../org/apache/knox/gateway/service/knoxtoken/TokenResource.java    | 2 ++
 .../apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java | 6 ++++++
 2 files changed, 8 insertions(+)

diff --git a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
index 42f25bc32..e93f369e7 100644
--- a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
+++ b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
@@ -730,7 +730,9 @@ public class TokenResource {
           AuthFilterUtils.authorizeImpersonationRequest(request, doAsUser);
           createdBy = userName;
           userName = doAsUser;
+          log.tokenImpersonationSuccess(userName, doAsUser);
         } catch (AuthorizationException e) {
+          log.tokenImpersonationFailed(e);
           return Response.status(Response.Status.FORBIDDEN).entity("{ \"" + e.getMessage() + "\" }").build();
         }
       }
diff --git a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java
index 6208cbce7..4fe620933 100644
--- a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java
+++ b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java
@@ -89,4 +89,10 @@ public interface TokenServiceMessages {
 
   @Message( level = MessageLevel.INFO, text = "{0}")
   void generalInfoMessage(String message);
+
+  @Message( level = MessageLevel.DEBUG, text = "Token impersonation successful: {0}/{1}" )
+  void tokenImpersonationSuccess(String userName, String doAs);
+
+  @Message( level = MessageLevel.DEBUG, text = "Token impersonation failed: {0}" )
+  void tokenImpersonationFailed(@StackTrace Throwable t);
 }