Home | About | Sematext search-lucene.com search-hadoop.com
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB
 Search Hadoop and all its subprojects:

Switch to Threaded View
HBase >> mail # dev >> Enhancing AccessController


Copy link to this message
-
Re: Enhancing AccessController
Hello,

On Thu, Jul 12, 2012 at 3:54 PM, Andrew Purtell <[EMAIL PROTECTED]> wrote:
>> For example, HDFS logs audit messages at INFO level today (IIRC), while HBase does so at TRACE level.
> This has been fixed.

Ah, good to know. It seems our git mirrors are a little bit out of date.

>> Well, the logging path wouldn't go away; this would just be an
>> extension for people who have might complicated needs than just
>> writing to log files. We're looking at maybe providing a similar thing
>> for HDFS. In the end, we don't want the easy way to be any different
>> than it is today, but at the same time have a system where doing more
>> complicated things is possible.
>
> This is the right approach, IMHO, build it into Hadoop core and then
> we can use it in a manner consistent with how core does.

My concern with trying to come up with a common solution for core
Hadoop and HBase is that the data being logged is fundamentally
different. Sure, you could have a silly logger that just takes a
string, but that's no better than hacking through the logging system,
which can be done today.

A proper interface would have proper types provided to the logger
(e.g., the "AuthResult" class currently private in AccessController).
And those cannot be shared among different services; maybe some base
type with common audit-related fields, but not much more than that.

Anyway, I'll clean up my code and post it on Jira instead of
elongating this thread. :-)

--
Marcelo
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB