You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by lm...@apache.org on 2015/05/05 17:07:35 UTC
knox git commit: KNOX-539 add message to identity mapping audit
entries
Repository: knox
Updated Branches:
refs/heads/master 895457d99 -> 0dc3b376a
KNOX-539 add message to identity mapping audit entries
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/0dc3b376
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/0dc3b376
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/0dc3b376
Branch: refs/heads/master
Commit: 0dc3b376a0c6d910cec6b6e6577c19be92ba235c
Parents: 895457d
Author: Larry McCay <lm...@hortonworks.com>
Authored: Tue May 5 11:07:25 2015 -0400
Committer: Larry McCay <lm...@hortonworks.com>
Committed: Tue May 5 11:07:25 2015 -0400
----------------------------------------------------------------------
.../common/filter/AbstractIdentityAssertionFilter.java | 3 ++-
.../java/org/apache/hadoop/gateway/i18n/GatewaySpiResources.java | 2 ++
2 files changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/0dc3b376/gateway-provider-identity-assertion-common/src/main/java/org/apache/hadoop/gateway/identityasserter/common/filter/AbstractIdentityAssertionFilter.java
----------------------------------------------------------------------
diff --git a/gateway-provider-identity-assertion-common/src/main/java/org/apache/hadoop/gateway/identityasserter/common/filter/AbstractIdentityAssertionFilter.java b/gateway-provider-identity-assertion-common/src/main/java/org/apache/hadoop/gateway/identityasserter/common/filter/AbstractIdentityAssertionFilter.java
index c085c91..7575b36 100644
--- a/gateway-provider-identity-assertion-common/src/main/java/org/apache/hadoop/gateway/identityasserter/common/filter/AbstractIdentityAssertionFilter.java
+++ b/gateway-provider-identity-assertion-common/src/main/java/org/apache/hadoop/gateway/identityasserter/common/filter/AbstractIdentityAssertionFilter.java
@@ -115,7 +115,8 @@ public abstract class AbstractIdentityAssertionFilter extends
if (!primaryPrincipal.getName().equals(mappedPrincipalName)) {
impersonationNeeded = true;
auditService.getContext().setProxyUsername( mappedPrincipalName );
- auditor.audit( Action.IDENTITY_MAPPING, primaryPrincipal.getName(), ResourceType.PRINCIPAL, ActionOutcome.SUCCESS );
+ auditor.audit( Action.IDENTITY_MAPPING, primaryPrincipal.getName(),
+ ResourceType.PRINCIPAL, ActionOutcome.SUCCESS, RES.effectiveUser(mappedPrincipalName) );
}
}
else {
http://git-wip-us.apache.org/repos/asf/knox/blob/0dc3b376/gateway-spi/src/main/java/org/apache/hadoop/gateway/i18n/GatewaySpiResources.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/hadoop/gateway/i18n/GatewaySpiResources.java b/gateway-spi/src/main/java/org/apache/hadoop/gateway/i18n/GatewaySpiResources.java
index b48cfb5..feeedb3 100644
--- a/gateway-spi/src/main/java/org/apache/hadoop/gateway/i18n/GatewaySpiResources.java
+++ b/gateway-spi/src/main/java/org/apache/hadoop/gateway/i18n/GatewaySpiResources.java
@@ -25,4 +25,6 @@ public interface GatewaySpiResources {
@Resource(text = "Groups: {0}")
String groupsList( String groups );
+ @Resource(text = "Effective User: {0}")
+ String effectiveUser( String user );
}