[jboss-jira] [JBoss JIRA] (ELY-37) Audit Logging Integration
David Lloyd (JIRA)
issues at jboss.org
Wed Mar 16 09:35:00 EDT 2016
[ https://issues.jboss.org/browse/ELY-37?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13177808#comment-13177808 ]
David Lloyd commented on ELY-37:
--------------------------------
Information on all events:
* Current (enclosing) identity
* Local & peer network address (if any)
* Event timestamp (Instant)
* Process ID (?)
Authentication events:
* Mechanism name
* Protocol name
* Identity name being authenticated
* Correlation ID (?)
Authorization (run-as) events:
* Target identity name
Permission check (authorization) event:
* Permission being checked
* Authorization result
Session events:
* Application/handle/category name
* Correlation ID (?)
Application events:
* Application/handle/category name
* Optional Session
Correlation IDs are integer IDs counting up from 0, not wrapping, not repeating. Unique per JVM.
> Audit Logging Integration
> -------------------------
>
> Key: ELY-37
> URL: https://issues.jboss.org/browse/ELY-37
> Project: WildFly Elytron
> Issue Type: Task
> Components: API / SPI, Audit
> Reporter: Darran Lofthouse
> Assignee: Jan Kalina
> Fix For: 1.1.0.CR1
>
>
> Implement into Elytron samething like:
> https://github.com/picketbox/picketbox/tree/master/security-spi/spi/src/main/java/org/jboss/security/audit
> or
> https://github.com/wildfly/wildfly-core/tree/master/controller/src/main/java/org/jboss/as/controller/audit
> or
> https://github.com/kabir/tamper-detecting-audit-log
> UPDATE:
> By discussion should be based on currently not implemented processing of **security events** - depends on it from now.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list