SecurityListener should be notified when an ACL check is denied. If it can be done efficiently, it should also be notified when an ACL check is granted. This would allow a listener to determine which permissions are being used by whom on what.

          [JENKINS-21402] Log/notify ACL grant or deny events

          Jesse Glick created issue -
          Jesse Glick made changes -
          Link New: This issue is related to JENKINS-20999 [ JENKINS-20999 ]
          Jesse Glick made changes -
          Link New: This issue depends on JENKINS-20999 [ JENKINS-20999 ]
          Jesse Glick made changes -
          Link Original: This issue is related to JENKINS-20999 [ JENKINS-20999 ]
          Jesse Glick made changes -
          Labels Original: logging security New: api logging security
          R. Tyler Croy made changes -
          Workflow Original: JNJira [ 153266 ] New: JNJira + In-Review [ 178474 ]

            Unassigned Unassigned
            jglick Jesse Glick
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: