You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by kt...@apache.org on 2014/05/23 22:30:45 UTC

[2/4] git commit: ACCUMULO-2839 only audit if logging is enabled

ACCUMULO-2839 only audit if logging is enabled


Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/b2dd64d3
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/b2dd64d3
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/b2dd64d3

Branch: refs/heads/master
Commit: b2dd64d3785b4199f2c7a47eb2bcc3977529968f
Parents: 850f4bc
Author: Keith Turner <kt...@apache.org>
Authored: Fri May 23 11:46:51 2014 -0400
Committer: Keith Turner <kt...@apache.org>
Committed: Fri May 23 16:27:25 2014 -0400

----------------------------------------------------------------------
 .../apache/accumulo/server/security/AuditedSecurityOperation.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/accumulo/blob/b2dd64d3/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java
----------------------------------------------------------------------
diff --git a/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java b/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java
index d1fbdef..d55382d 100644
--- a/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java
+++ b/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java
@@ -48,6 +48,7 @@ import org.apache.accumulo.server.security.handler.Authenticator;
 import org.apache.accumulo.server.security.handler.Authorizor;
 import org.apache.accumulo.server.security.handler.PermissionHandler;
 import org.apache.hadoop.io.Text;
+import org.apache.log4j.Level;
 import org.apache.log4j.Logger;
 
 /**
@@ -92,7 +93,7 @@ public class AuditedSecurityOperation extends SecurityOperation {
   }
 
   private static boolean shouldAudit(TCredentials credentials, String tableId) {
-    return !tableId.equals(MetadataTable.ID) && shouldAudit(credentials);
+    return (audit.isInfoEnabled() || audit.isEnabledFor(Level.WARN)) && !tableId.equals(MetadataTable.ID) && shouldAudit(credentials);
   }
 
   // Is INFO the right level to check? Do we even need that check?