[JENKINS-21402] Log/notify ACL grant or deny events

Type: New Feature
Resolution: Unresolved
Priority: Major
Component/s: core
Labels:
- api
- logging
- security

Similar Issues:
Powered by SuggestiMate

Show

SecurityListener should be notified when an ACL check is denied. If it can be done efficiently, it should also be notified when an ACL check is granted. This would allow a listener to determine which permissions are being used by whom on what.

depends on

JENKINS-20999 Extension point for tracking login-related events

Resolved

Jesse Glick created issue - 2014-01-15 20:10

Jesse Glick made changes - 2014-01-15 20:10

Link

New: This issue is related to ~~JENKINS-20999~~ [ ~~JENKINS-20999~~ ]

Jesse Glick added a comment - 2015-02-19 14:27

I.e., logging when a AccessDeniedException is thrown (mainly from ACL.checkPermission), and/or caught at top level (ExceptionTranslationFilter.handleException).

Jesse Glick added a comment - 2015-02-19 14:27 I.e., logging when a AccessDeniedException is thrown (mainly from ACL.checkPermission ), and/or caught at top level ( ExceptionTranslationFilter.handleException ).

Jesse Glick made changes - 2015-02-19 14:34

Link

New: This issue depends on ~~JENKINS-20999~~ [ ~~JENKINS-20999~~ ]

Jesse Glick made changes - 2015-02-19 14:34

Link

Original: This issue is related to ~~JENKINS-20999~~ [ ~~JENKINS-20999~~ ]

Jesse Glick made changes - 2015-02-19 14:35

Labels

Original: logging security

New: api logging security

R. Tyler Croy made changes - 2016-07-25 23:50

Workflow

Original: JNJira [ 153266 ]

New: JNJira + In-Review [ 178474 ]

Assignee:: Unassigned

Reporter:: Jesse Glick

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2014-01-15 20:10

Updated:: 2015-02-19 14:35

Jenkins

Details

Description

Attachments

Issue Links

Activity

Collapse comment: Jesse Glick added a comment - 2015-02-19 14:27

Expand comment: Jesse Glick added a comment - 2015-02-19 14:27

People

Dates