[jboss-jira] [JBoss JIRA] (WFLY-487) Verify audit implications and required APIs
Darran Lofthouse (JIRA)
issues at jboss.org
Mon Feb 10 07:15:32 EST 2014
[ https://issues.jboss.org/browse/WFLY-487?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated WFLY-487:
----------------------------------
Labels: authentication_service (was: )
> Verify audit implications and required APIs
> -------------------------------------------
>
> Key: WFLY-487
> URL: https://issues.jboss.org/browse/WFLY-487
> Project: WildFly
> Issue Type: Sub-task
> Security Level: Public(Everyone can see)
> Components: Domain Management, Security
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Labels: authentication_service
> Fix For: 9.0.0.CR1
>
>
> Auditing may be logging as the user that executes a request, if we have used a trust relationship for a request to be run as a different user we need to be able to track back to identify how the user for the request was selected.
> i.e. If userA runs something as userB and does something bad we must be able to track back that it was userA making the overall request without userB getting the blame.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list