> On Feb 28, 2018, at 2:52 PM, Benjamin Mahler <bmah...@apache.org> wrote: > > When touching some code, I noticed that authorization logging is currently > done rather inconsistently across the call-sites and many cases do not log > the request: > > $ grep -R -A 3 'LOG.*Authorizing' src > > Should authorization logging be the concern of an authorizer > implementation? For audit purposes I could imagine this also being part of > a separate log that the authorizer maintains?
Separating this out from the authorizer was the idea behind https://issues.apache.org/jira/browse/MESOS-7678. J
