Audit recordSessionlessAccess configuration

Evolveum · Jun 15, 2020 · 5b15da7 · 5b15da7
1 parent 9d3fcb6
commit 5b15da7
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/infra/schema/src/main/resources/xml/ns/public/common/common-core-3.xsd b/infra/schema/src/main/resources/xml/ns/public/common/common-core-3.xsd
@@ -16214,6 +16214,7 @@
                     </xsd:element>
 
                     <xsd:element name="modelHooks" type="tns:ModelHooksType" minOccurs="0"/>
+
                     <xsd:element name="logging" type="tns:LoggingConfigurationType" minOccurs="0">
                         <xsd:annotation>
                             <xsd:documentation>
@@ -16569,6 +16570,21 @@
                     </xsd:appinfo>
                 </xsd:annotation>
             </xsd:element>
+            <xsd:element name="recordSessionlessAccess" type="xsd:boolean" minOccurs="0" default="false">
+                <xsd:annotation>
+                    <xsd:documentation>
+                        There are services in midPoint that are not using concept of access session.
+                        No session is created for such services.
+                        Therefore there are no audit records about session creation or termination.
+                        Access to such services is not recorded in the audit log by default.
+                        Setting `recordSessionlessAccess` to `true` will force recording of session start/end events even for session-less services.
+                    </xsd:documentation>
+                    <xsd:appinfo>
+                        <a:since>4.2</a:since>
+                        <a:displayName>SystemConfigurationAuditEventRecordingType.recordSessionlessAccess</a:displayName>
+                    </xsd:appinfo>
+                </xsd:annotation>
+            </xsd:element>
         </xsd:sequence>
     </xsd:complexType>