[jboss-jira] [JBoss JIRA] (WFLY-487) Verify audit implications and required APIs
Darran Lofthouse (JIRA)
jira-events at lists.jboss.org
Wed Apr 24 06:31:58 EDT 2013
[ https://issues.jboss.org/browse/WFLY-487?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated WFLY-487:
----------------------------------
Fix Version/s: 8.0.0.Alpha2
(was: 8.0.0.Alpha1)
> Verify audit implications and required APIs
> -------------------------------------------
>
> Key: WFLY-487
> URL: https://issues.jboss.org/browse/WFLY-487
> Project: WildFly
> Issue Type: Sub-task
> Components: Domain Management, Security
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 8.0.0.Alpha2
>
>
> Auditing may be logging as the user that executes a request, if we have used a trust relationship for a request to be run as a different user we need to be able to track back to identify how the user for the request was selected.
> i.e. If userA runs something as userB and does something bad we must be able to track back that it was userA making the overall request without userB getting the blame.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list