ACCUMULO-2839 only audit if logging is enabled
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/b2dd64d3 Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/b2dd64d3 Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/b2dd64d3 Branch: refs/heads/1.6.1-SNAPSHOT Commit: b2dd64d3785b4199f2c7a47eb2bcc3977529968f Parents: 850f4bc Author: Keith Turner <ktur...@apache.org> Authored: Fri May 23 11:46:51 2014 -0400 Committer: Keith Turner <ktur...@apache.org> Committed: Fri May 23 16:27:25 2014 -0400 ---------------------------------------------------------------------- .../apache/accumulo/server/security/AuditedSecurityOperation.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/accumulo/blob/b2dd64d3/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java b/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java index d1fbdef..d55382d 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java +++ b/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java @@ -48,6 +48,7 @@ import org.apache.accumulo.server.security.handler.Authenticator; import org.apache.accumulo.server.security.handler.Authorizor; import org.apache.accumulo.server.security.handler.PermissionHandler; import org.apache.hadoop.io.Text; +import org.apache.log4j.Level; import org.apache.log4j.Logger; /** @@ -92,7 +93,7 @@ public class AuditedSecurityOperation extends SecurityOperation { } private static boolean shouldAudit(TCredentials credentials, String tableId) { - return !tableId.equals(MetadataTable.ID) && shouldAudit(credentials); + return (audit.isInfoEnabled() || audit.isEnabledFor(Level.WARN)) && !tableId.equals(MetadataTable.ID) && shouldAudit(credentials); } // Is INFO the right level to check? Do we even need that check?
