You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "Tomu Tsuruhara (Jira)" <ji...@apache.org> on 2021/11/30 05:45:00 UTC

[jira] [Created] (HBASE-26517) Add auth method information to AccessChecker audit log

Tomu Tsuruhara created HBASE-26517:
--------------------------------------

             Summary: Add auth method information to AccessChecker audit log
                 Key: HBASE-26517
                 URL: https://issues.apache.org/jira/browse/HBASE-26517
             Project: HBase
          Issue Type: Improvement
          Components: security
            Reporter: Tomu Tsuruhara


If we turn on audit logging, authentication events are logged with auth method information  (e.g. KERBEROS, TOKEN etc) like below.

{noformat}
2021-11-30 14:15:07,417 INFO SecurityLogger.org.apache.hadoop.hbase.Server: Auth successful for PRINCIPAL@REALM (auth:KERBEROS)
{noformat}

However, authorization event logs which are emitted by AccessChecker class don't contain auth method information.

I need this info to filter out audit log lines generated by MapReduce jobs, auth method = TOKEN case.




--
This message was sent by Atlassian Jira
(v8.20.1#820001)