HBASE-22759. Extended grant and revoke audit events with caller info (#…

…427)
apache · Jul 30, 2019 · 29f8e19 · 29f8e19
1 parent 70ec78c
commit 29f8e19
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
@@ -2072,7 +2072,7 @@ public Void run() throws Exception {
 
         if (AUDITLOG.isTraceEnabled()) {
           // audit log should store permission changes in addition to auth results
-          AUDITLOG.trace("Granted permission " + perm.toString());
+          AUDITLOG.trace("User {} granted permission {}", caller, perm);
         }
       } else {
         throw new CoprocessorException(AccessController.class, "This method "
@@ -2129,7 +2129,7 @@ public Void run() throws Exception {
 
         if (AUDITLOG.isTraceEnabled()) {
           // audit log should record all permission changes
-          AUDITLOG.trace("Revoked permission " + perm.toString());
+          AUDITLOG.trace("User {} revoked permission {}", caller, perm);
         }
       } else {
         throw new CoprocessorException(AccessController.class, "This method "