[teiid-issues] [JBoss JIRA] (TEIID-3554) Audit log is missing details related to what role was applied and what info was defined or allowed
Van Halbert (JIRA)
issues at jboss.org
Tue Jun 23 13:59:02 EDT 2015
[ https://issues.jboss.org/browse/TEIID-3554?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13083008#comment-13083008 ]
Van Halbert commented on TEIID-3554:
------------------------------------
And even when an insert is tried, the client tool gets a good description:
Error: TEIID30492 Remote org.teiid.api.exception.query.QueryValidatorException: TEIID30492 User <teiidUser at teiid-security> is not entitled to action <CREATE> for 1 or more of the groups/elements/procedures.
SQLState: 50000
ErrorCode: 30492
And the audit does indicate a "denied" activity was applied. But I still think the role being applied is important so that if a user was setup incorrectly, it can easily be seen.
> Audit log is missing details related to what role was applied and what info was defined or allowed
> --------------------------------------------------------------------------------------------------
>
> Key: TEIID-3554
> URL: https://issues.jboss.org/browse/TEIID-3554
> Project: Teiid
> Issue Type: Bug
> Components: Server
> Affects Versions: 8.7.1.6_2
> Reporter: Van Halbert
> Assignee: Steven Hawkins
> Attachments: portfolioroles_data.xlsx
>
>
> Using the dynamicvdb-dataroles quick start as the basis for triggering the audit log. Executing the view query: "Select * from StockPrice" . The query will only present the "price" column value when the user has the "prices" role. When performing queries with a user (name=teiidUser) that doesn't have the "prices" role versus one that does (name=portfolio), doesn't provide any discerning information in the audit log to indicate that a role was applied to the data.
> Attaching excel file of the audit log data.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
More information about the teiid-issues
mailing list