[Pki-devel] [PATCH] pki-cfu-0116-Ticket-1006-Audit-logging-for-TPS-REST-operations.patch
John Magne
jmagne at redhat.com
Mon Mar 28 21:44:34 UTC 2016
Looks fine:
What was done:
1. Creating some convenience functions to do the actual auditing.
2. Making sure we have auditing for the calls where things are changed
such as configuration /profile changes, or changing a token's state.
3. Making sure there are audit messages for the various error conditions caught
in exceptions.
I also took a look at a bunch of samples and they look good.
I did not spend days making sure every possible case it covered, but the code
and the framework looks good. Any holes will be discovered later.
ACK
----- Original Message -----
> From: "Christina Fu" <cfu at redhat.com>
> To: "pki-devel" <pki-devel at redhat.com>
> Sent: Thursday, 24 March, 2016 4:32:56 PM
> Subject: [Pki-devel] [PATCH] pki-cfu-0116-Ticket-1006-Audit-logging-for-TPS-REST-operations.patch
>
> Attached please find the patch for ticket 1006:
> https://fedorahosted.org/pki/ticket/1006 Audit logging for TPS REST
> operations
>
> Most of the work is on
> 1. finding the right places to place the audit calls
> 2. deciding on what should be audited: since all read operations are
> captured by AUTZ, the REST operations audited are only write operations
> 3. deciding on the audit events that should be provided for the operations
> 4. making needed information available at the places where auditing is
> happening
>
> thanks
> Christina
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
More information about the Pki-devel
mailing list