(druid) branch master updated: Adding more logging in case of permission issues (#17754)

Mon, 24 Feb 2025 08:55:06 -0800 

This is an automated email from the ASF dual-hosted git repository.

gian pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git


The following commit(s) were added to refs/heads/master by this push:
     new cb9af9d69cd Adding more logging in case of permission issues (#17754)
cb9af9d69cd is described below

commit cb9af9d69cdd395c78440f3931529c3feb09dd1b
Author: Karan Kumar <[email protected]>
AuthorDate: Mon Feb 24 22:22:57 2025 +0530

    Adding more logging in case of permission issues (#17754)
    
    * Adding more logging in case of permission issue
    
    * Adding logging to SQL endpoint.
---
 server/src/main/java/org/apache/druid/server/QueryResource.java | 1 +
 sql/src/main/java/org/apache/druid/sql/AbstractStatement.java   | 1 +
 2 files changed, 2 insertions(+)

diff --git a/server/src/main/java/org/apache/druid/server/QueryResource.java 
b/server/src/main/java/org/apache/druid/server/QueryResource.java
index 93a52abd064..27a20ec9bca 100644
--- a/server/src/main/java/org/apache/druid/server/QueryResource.java
+++ b/server/src/main/java/org/apache/druid/server/QueryResource.java
@@ -215,6 +215,7 @@ public class QueryResource implements 
QueryCountStatsProvider
       }
 
       if (!authResult.allowBasicAccess()) {
+        log.info("Query[%s] forbidden due to reason[%s]", query.getId(), 
authResult.getErrorMessage());
         throw new ForbiddenException(authResult.getErrorMessage());
       }
 
diff --git a/sql/src/main/java/org/apache/druid/sql/AbstractStatement.java 
b/sql/src/main/java/org/apache/druid/sql/AbstractStatement.java
index ee5cb290e9a..b3eecef472b 100644
--- a/sql/src/main/java/org/apache/druid/sql/AbstractStatement.java
+++ b/sql/src/main/java/org/apache/druid/sql/AbstractStatement.java
@@ -152,6 +152,7 @@ public abstract class AbstractStatement implements Closeable
     // here. The planner ensures that this step is done before planning.
     authResult = planner.authorize(authorizer, contextResources);
     if (!authResult.authorizationResult.allowBasicAccess()) {
+      log.info("Query[%s] forbidden due to reason[%s]", sqlQueryId(), 
authResult.authorizationResult.getErrorMessage());
       throw new 
ForbiddenException(authResult.authorizationResult.getErrorMessage());
     }
   }


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to