[jboss-jira] [JBoss JIRA] (WFLY-487) Verify audit implications and required APIs
Darran Lofthouse (JIRA)
issues at jboss.org
Fri Sep 18 06:17:00 EDT 2015
[ https://issues.jboss.org/browse/WFLY-487?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated WFLY-487:
----------------------------------
Fix Version/s: 11.0.0.Alpha1
(was: 10.0.0.CR2)
> Verify audit implications and required APIs
> -------------------------------------------
>
> Key: WFLY-487
> URL: https://issues.jboss.org/browse/WFLY-487
> Project: WildFly
> Issue Type: Sub-task
> Components: Domain Management, Security
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Labels: authentication_service
> Fix For: 11.0.0.Alpha1
>
>
> Auditing may be logging as the user that executes a request, if we have used a trust relationship for a request to be run as a different user we need to be able to track back to identify how the user for the request was selected.
> i.e. If userA runs something as userB and does something bad we must be able to track back that it was userA making the overall request without userB getting the blame.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list