001/** 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018package org.apache.hadoop.hdfs.server.namenode; 019 020import java.net.InetAddress; 021 022import org.apache.hadoop.classification.InterfaceAudience; 023import org.apache.hadoop.classification.InterfaceStability; 024import org.apache.hadoop.fs.FileStatus; 025import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenSecretManager; 026import org.apache.hadoop.ipc.CallerContext; 027import org.apache.hadoop.security.UserGroupInformation; 028 029/** 030 * Extension of {@link AuditLogger}. 031 */ 032@InterfaceAudience.Public 033@InterfaceStability.Evolving 034public abstract class HdfsAuditLogger implements AuditLogger { 035 036 @Override 037 public void logAuditEvent(boolean succeeded, String userName, 038 InetAddress addr, String cmd, String src, String dst, 039 FileStatus status) { 040 logAuditEvent(succeeded, userName, addr, cmd, src, dst, status, 041 null /*callerContext*/, null /*ugi*/, null /*dtSecretManager*/); 042 } 043 044 /** 045 * Same as 046 * {@link #logAuditEvent(boolean, String, InetAddress, String, String, String, 047 * FileStatus)} with additional parameters related to logging delegation token 048 * tracking IDs. 049 * 050 * @param succeeded Whether authorization succeeded. 051 * @param userName Name of the user executing the request. 052 * @param addr Remote address of the request. 053 * @param cmd The requested command. 054 * @param src Path of affected source file. 055 * @param dst Path of affected destination file (if any). 056 * @param stat File information for operations that change the file's metadata 057 * (permissions, owner, times, etc). 058 * @param callerContext Context information of the caller 059 * @param ugi UserGroupInformation of the current user, or null if not logging 060 * token tracking information 061 * @param dtSecretManager The token secret manager, or null if not logging 062 * token tracking information 063 */ 064 public void logAuditEvent(boolean succeeded, String userName, 065 InetAddress addr, String cmd, String src, String dst, 066 FileStatus stat, CallerContext callerContext, UserGroupInformation ugi, 067 DelegationTokenSecretManager dtSecretManager) { 068 logAuditEvent(succeeded, userName, addr, cmd, src, dst, stat, 069 ugi, dtSecretManager); 070 } 071 072 /** 073 * Same as 074 * {@link #logAuditEvent(boolean, String, InetAddress, String, String, 075 * String, FileStatus, CallerContext, UserGroupInformation, 076 * DelegationTokenSecretManager)} without {@link CallerContext} information. 077 */ 078 public abstract void logAuditEvent(boolean succeeded, String userName, 079 InetAddress addr, String cmd, String src, String dst, 080 FileStatus stat, UserGroupInformation ugi, 081 DelegationTokenSecretManager dtSecretManager); 082}