Versions Compared

Old Version 6

changes.mady.by.user Jim Blake

Saved on

compared with

New Version 7

changes.mady.by.user Jim Blake

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Link textRebuild search index
URL/SearchIndex
The pageAllows you to request a rebuild of the search index, and to monitor its progress.

The "Authorization" tab

Warning

TBD

...

 

In the panelWrite policy decisions to the log
In the filedeveloper.authorization.logDecisions.enable
Effect

Write an entry to the log for each policy decision that is made for any requested action, assuming that INFO-level logging is enabled for the PolicyDecisionLogger. Each entry includes

  • The requested action
  • The name of the policy
  • The decision and message.

The remaining settings in this area can be used to restrict which queries are decisions are logged, or to include more information for each decision.

In the panelInclude the user identifiers in the log record
In the filedeveloper.authorization.logDecisions.addIdentifiers
EffectEach log entry will include the identifiers assigned to the currently logged-in user.
In the panel Skip inconclusive decisions
In the filedeveloper.authorization.logDecisions.skipInconclusive
Effect Do not log INCONCLUSIVE decisions. If all policies return INCONCLUSIVE for a request, this is treated as UNAUTHORIZED, and will be logged.
In the panel Restrict by requested action
In the filedeveloper.authorization.logDecisions.actionRestriction
EffectSet this to a regular expression. A decision will be logged only if the string value of the requested action matches the regular expression, in whole or in part.
In the panel Restrict by policy name
In the filedeveloper.authorization.logDecisions.userRestriction
EffectSet this to a regular expression. A decision will be logged only if the string value of the policy matches the regular expression, in whole or in part.
In the panel Restrict by user identifiers
In the filedeveloper.authorization.logDecisions.policyRestriction
EffectSet this to a regular expression. A decision will be logged only if the list of user identifiers matches the regular expression, in whole or in part.

What if the developer panel doesn't appear?

...