IGNITE-12781 - ache_put event contains the node id instead of the remote_client subject id

[VeenaMithare]

Posting this here, as guided in the ignite users group.
Hi Team,

1. I noticed that this issue (
https://issues.apache.org/jira/browse/IGNITE-12781) is not resolved in
2.8.1.

Could you guide how can we get audit information if a cache record
modification is done on dbeaver and the cache_put event contains the node id
instead of the remote_client subject id ?

Please note this is a blocker issue for us to use Apache Ignite , since we
use dbeaver to update records sometimes.
/*Could we kindly ask this to be included in the next
release.*/ 

2. Even if the cache_put event did contain the remote_client user id , how
are we supposed to fetch it from the auditstoragespi ?

The below link mentions
http://apache-ignite-users.70518.x6.nabble.com/JDBC-thin-client-incorrect-security-context-td31354.html

public class EventStorageSpi extends IgniteSpiAdapter implements
EventStorageSpi {
    @LoggerResource
    private IgniteLogger log;

    @Override
    public <T extends Event> Collection<T> localEvents(IgnitePredicate<T> p)
{
        return null;
    }

    @Override
    public void record(Event evt) throws IgniteSpiException {
        if (evt.type() == EVT_MANAGEMENT_TASK_STARTED) {
            TaskEvent taskEvent = (TaskEvent) evt;

            SecuritySubject subj = taskEvent.subjectId() != null
                    ?
getSpiContext().authenticatedSubject(taskEvent.subjectId())
                    : null;

            log.info("Management task started: [" +
                    "name=" + taskEvent.taskName() + ", " +
                    "eventNode=" + taskEvent.node() + ", " +
                    "timestamp=" + taskEvent.timestamp() + ", " +
                    "info=" + taskEvent.message() + ", " +
                    "subjectId=" + taskEvent.subjectId() + ", " +
                    "secureSubject=" + subj +
                    "]");
        }
    }

    @Override
    public void spiStart(@Nullable String igniteInstanceName) throws
IgniteSpiException {
        /* No-op. */
    }

    @Override
    public void spiStop() throws IgniteSpiException {
        /* No-op. */
    }
}

IgniteSpiContext exposes authenticatedSubject which according to some
discussions gets the subject *only for node* . (
http://apache-ignite-developers.2346864.n4.nabble.com/Security-Subject-of-thin-client-on-remote-nodes-td46029.html#a46412
)

/*securityContext(uuid ) was added to the GridSecurityProcessor to get the
securitycontext of the thin client. However this is not exposed via the
IgniteSpiContext.*/

regards,
Veena.



--
Sent from: http://apache-ignite-developers.2346864.n4.nabble.com/