[
https://issues.apache.org/jira/browse/HBASE-12831?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14275910#comment-14275910
]
Sean Busbey commented on HBASE-12831:
-------------------------------------
{code}
+ } catch (AccessDeniedException e) {
+ logResult(false, "addLabels", e.getMessage(), null, labels, null);
+ LOG.error(e);
+ setExceptionResults(visLabels.size(), e, response);
{code}
In places where we're writing to the normal log, please include more of a
message than just the exception object.
{code}
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
{code}
please log as a WARN.
> Changing the set of vis labels a user has access to doesn't generate an audit
> log event
> ---------------------------------------------------------------------------------------
>
> Key: HBASE-12831
> URL: https://issues.apache.org/jira/browse/HBASE-12831
> Project: HBase
> Issue Type: Bug
> Affects Versions: 1.0.0, 2.0.0, 0.98.6
> Reporter: Sean Busbey
> Assignee: Ashish Singhi
> Labels: audit
> Fix For: 1.0.1, 0.98.11
>
> Attachments: HBASE-12831-v2.patch, HBASE-12831-v3.patch,
> HBASE-12831.patch
>
>
> Right now, the AccessController makes sure that (when users care about audit
> events) we generate an audit log event for any access change, like granting
> or removing a permission from a user.
> When the set of labels a user has access to is altered, it gets handled by
> the VisibilityLabelService and we don't log anything to the audit log.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
