File | Doc | Category | Size | Date | Package
AuditManager.java | API Doc | Glassfish v2 API | 17175 | Fri May 04 22:35:24 BST 2007 | com.sun.enterprise.security.audit

AuditManager

public final class AuditManager extends Object
author
Harpreet Singh
author
Shing Wai Chan

Fields Summary
static final String
NAME
static final String
CLASSNAME
private static final String
AUDIT_MGR_WS_INVOCATION_KEY
private static final String
AUDIT_MGR_EJB_AS_WS_INVOCATION_KEY
private static final String
AUDIT_MGR_SERVER_STARTUP_KEY
private static final String
AUDIT_MGR_SERVER_SHUTDOWN_KEY
private static final Logger
_logger
private static final com.sun.enterprise.util.LocalStringManagerImpl
_localStrings
private List
instances
private Map
moduleToNameMap
private Map
nameToModuleMap
private boolean
auditOn
Constructors Summary
AuditManager()
Creates a new instance of AuditManager

           
     
    
Methods Summary
voidaddAuditModule(java.lang.String name, java.lang.String classname, java.util.Properties props)
Add the given audit module to the list of loaded audit modules. Adding the same name twice replaces the previously registered module.

param
name of auditModule
param
am an instance of a class extending AuditModule that has been successfully loaded into the system.
exception

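        // Registers (or replaces) the audit module known as `name`: any module
        // already registered under that name is removed, then `classname` is
        // loaded, initialised with `props` and appended to the dispatch list.
        // NOTE(review): the old module is removed before the replacement is
        // loaded, so if loadAuditModule throws, nothing is left registered
        // under `name` - confirm that gap in audit coverage is acceptable.
        removeAuditModule(name);
        AuditModule am = loadAuditModule(classname, props);

        moduleToNameMap.put(am, name);
        nameToModuleMap.put(name, am);
        // Copy-on-write: build a new list and swap the reference, so a dispatch
        // loop that already captured the old list keeps iterating it unchanged.
        // The copy constructor is required: Collections.copy(dest, src) takes
        // the destination first, so Collections.copy(instances, list) copied
        // the empty new list over `instances` (a no-op) and every module that
        // had been loaded earlier silently dropped out of the dispatch list.
        List list = new ArrayList(instances);
        list.add(am);
        instances = Collections.synchronizedList(list);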
    
public voidauthentication(java.lang.String user, java.lang.String realm, boolean success)
logs the authentication call for all the loaded modules.

see
com.sun.appserv.security.AuditModule.authentication

        // Passes the authentication result (user, realm, success) to every
        // loaded audit module; does nothing while auditing is switched off.
        // A module that throws is logged and skipped so the others still run.
        // NOTE(review): the failure is logged at Level.INFO only; if that module
        // did not record the event, this log line is the sole trace - confirm
        // INFO survives the deployment's log threshold.
        if (!auditOn) {
            return;
        }
        // Read the field once so the loop works on a single list reference.
        final List modules = instances;
        final int count = modules.size();
        for (int idx = 0; idx < count; idx++) {
            // Declared before the try so the handler can still look up a name;
            // it stays null when the get/cast itself is what failed.
            AuditModule module = null;
            try {
                module = (AuditModule) modules.get(idx);
                module.authentication(user, realm, success);
            } catch (Exception e) {
                final String moduleName = (String) moduleToNameMap.get(module);
                final Object[] args = new Object[] {moduleName};
                final String msg = _localStrings.getLocalString(
                    "auditmgr.authentication",
                    " Audit Module {0} threw the followin exception during authentication:",
                    args);
                _logger.log(Level.INFO, msg, e);
            }
        }
    
public voidejbAsWebServiceInvocation(java.lang.String endpoint, boolean validRequest)
This method is called for the web service calls with MLS set and the endpoints deployed as servlets

see
com.sun.appserv.security.AuditModule.webServiceInvocation

        // Passes the (endpoint, validRequest) event to every loaded audit
        // module; does nothing while auditing is switched off. A module that
        // throws is logged and skipped so the remaining modules still run.
        // NOTE(review): the failure is logged at Level.INFO only - confirm that
        // level is retained wherever lost audit events must be noticed.
        if (!auditOn) {
            return;
        }

        // Read the field once so the loop works on a single list reference.
        final List modules = instances;
        final int count = modules.size();
        for (int idx = 0; idx < count; idx++) {
            // The cast sits outside the try, so a wrong element type propagates.
            final AuditModule module = (AuditModule) modules.get(idx);
            try {
                module.ejbAsWebServiceInvocation(endpoint, validRequest);
            } catch (Exception e) {
                final String moduleName = (String) moduleToNameMap.get(module);
                final Object[] args = new Object[] {moduleName};
                final String msg = _localStrings.getLocalString(
                    AUDIT_MGR_EJB_AS_WS_INVOCATION_KEY,
                    " Audit Module {0} threw the following exception during "+
                    "ejb as web service invocation :",
                    args);
                _logger.log(Level.INFO, msg, e);
            }
        }
    
public voidejbInvocation(java.lang.String user, java.lang.String ejb, java.lang.String method, boolean success)
logs the ejb authorization call for all ejb modules

see
com.sun.appserv.security.AuditModule.ejbInvocation

        // Passes the EJB call outcome (user, ejb, method, success) to every
        // loaded audit module; does nothing while auditing is switched off.
        // A module that throws is logged and skipped so the others still run.
        // NOTE(review): the failure is logged at Level.INFO only - confirm that
        // level is retained wherever lost audit events must be noticed.
        if (!auditOn) {
            return;
        }
        // Read the field once so the loop works on a single list reference.
        final List modules = instances;
        final int count = modules.size();
        for (int idx = 0; idx < count; idx++) {
            // The cast sits outside the try, so a wrong element type propagates.
            final AuditModule module = (AuditModule) modules.get(idx);
            try {
                module.ejbInvocation(user, ejb, method, success);
            } catch (Exception e) {
                final String moduleName = (String) moduleToNameMap.get(module);
                final Object[] args = new Object[] {moduleName};
                final String msg = _localStrings.getLocalString(
                    "auditmgr.ejbinvocation",
                    " Audit Module {0} threw the followin exception during ejb invocation :",
                    args);
                _logger.log(Level.INFO, msg, e);
            }
        }
    
com.sun.appserv.security.AuditModulegetAuditModule(java.lang.String name)
Get the audit module of given name from the loaded list.

param
name of auditModule

        // Looks up the module registered under `name`; the map lookup yields
        // null when no module is registered under that name.
        final Object registered = nameToModuleMap.get(name);
        return (AuditModule) registered;
    
public booleanisAuditOn()

        // Reports the flag that the dispatch methods of this class check
        // before forwarding any event to the loaded audit modules.
        return this.auditOn;
    
private com.sun.appserv.security.AuditModuleloadAuditModule(java.lang.String classname, java.util.Properties props)
This method returns an auditModule with the given classname and properties.

param
classname
param
props
exception

        // Instantiates the class named `classname` through its no-argument
        // constructor, initialises it with `props` and returns it.
        // NOTE(review): the AuditModule cast runs only after newInstance(), so
        // a class of the wrong type has already been loaded and constructed by
        // the time the ClassCastException is raised. `classname` comes from the
        // callers (the security-service configuration in loadAuditModules, or
        // the caller of addAuditModule) - confirm who can write those values.
        final Class moduleClass = Class.forName(classname);
        final AuditModule loaded = (AuditModule) moduleClass.newInstance();
        loaded.init(props);
        return loaded;
    
public voidloadAuditModules()
This method initializes the AuditManager: it loads the audit modules and the audit-enabled flag.

        // Reads the security-service configuration, sets the audit-enabled flag
        // and loads every configured audit module into the dispatch list and
        // the two name/module maps.
        // Failure handling is fail-open: a module that cannot be loaded is
        // logged at WARNING and skipped, and a failure while reading the
        // configuration is logged at WARNING with no modules loaded. In both
        // cases the method returns normally.
        // NOTE(review): auditOn is set before the modules are loaded, so the
        // server can run with auditing "on" and fewer (possibly zero) modules -
        // confirm that is the intended behaviour for this deployment.
        try {
            final ConfigContext ctx =
                ApplicationServer.getServerContext().getConfigContext();
            // assert statements only run when assertions are enabled (-ea);
            // otherwise a null here surfaces as an exception handled below.
            assert(ctx != null);

            final Server serverBean = ServerBeansFactory.getServerBean(ctx);
            assert(serverBean != null);

            final SecurityService securityService =
                ServerBeansFactory.getSecurityServiceBean(ctx);
            assert(securityService != null);
            // @todo will be removed to incorporate the new structure.
            final boolean enabled = securityService.isAuditEnabled();

            setAuditOn(enabled);
            final com.sun.enterprise.config.serverbeans.AuditModule[] configured =
                    securityService.getAuditModule();

            for (int m = 0; m < configured.length; m++) {
                final com.sun.enterprise.config.serverbeans.AuditModule cfg =
                        configured[m];
                try {
                    final String moduleName = cfg.getName();
                    final String moduleClass = cfg.getClassname();
                    final Properties settings = new Properties();
                    //XXX should we remove this two extra properties
                    settings.setProperty(NAME, moduleName);
                    settings.setProperty(CLASSNAME, moduleClass);
                    // Configured element properties are applied afterwards, so
                    // one whose name equals NAME or CLASSNAME replaces the
                    // value set just above.
                    final ElementProperty[] extras = cfg.getElementProperty();
                    final int extraCount = cfg.sizeElementProperty();
                    for (int k = 0; k < extraCount; k++) {
                        final String key = extras[k].getName();
                        final String value = extras[k].getValue();
                        settings.setProperty(key, value);
                    }
                    final AuditModule loaded = loadAuditModule(moduleClass, settings);
                    // Unlike addAuditModule/removeAuditModule, this appends to
                    // the existing list instead of swapping in a copy.
                    instances.add(loaded);
                    moduleToNameMap.put(loaded, moduleName);
                    nameToModuleMap.put(moduleName, loaded);
                } catch (Exception ex) {
                    final String msg = _localStrings.getLocalString(
                        "auditmgr.loaderror",
                        "Audit: Cannot load AuditModule = {0}",
                        new Object[]{ cfg.getName() });
                    _logger.log(Level.WARNING, msg, ex);
                }
            }
        } catch (Exception e) {
            final String msg = _localStrings.getLocalString("auditmgr.badinit",
                   "Audit: Cannot load Audit Module Initialization information. AuditModules will not be loaded.");
            _logger.log(Level.WARNING, msg, e);
        }
    
voidremoveAuditModule(java.lang.String name)
Remove the audit module of given name from the loaded list.

param
name of auditModule

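        // Unregisters the module known as `name` from both maps and from the
        // dispatch list; does nothing when no module has that name.
        Object am = nameToModuleMap.get(name);
        if (am != null) {
            nameToModuleMap.remove(name);
            moduleToNameMap.remove(am);
            // Copy-on-write: build a new list and swap the reference, so a
            // dispatch loop that already captured the old list is unaffected.
            // The copy constructor is required: Collections.copy(dest, src)
            // takes the destination first, so Collections.copy(instances, list)
            // left the new list empty and removing one module replaced
            // `instances` with an empty list, silencing every other module too.
            List list = new ArrayList(instances);
            list.remove(am);
            instances = Collections.synchronizedList(list);
        }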
    
public voidserverShutdown()

        // Notifies every loaded audit module of server shutdown; does nothing
        // while auditing is switched off. A module that throws is logged and
        // skipped so the remaining modules are still notified.
        // NOTE(review): the failure is logged at Level.INFO only - confirm that
        // level is retained wherever lost audit events must be noticed.
        if (!auditOn) {
            return;
        }
        // TODO (carried over from the original author): the module list is
        // believed to be static, so this index loop is not the best way to walk
        // it, and a List<AuditModule> would remove the runtime casts.
        final List modules = instances;
        final int count = modules.size();
        for (int idx = 0; idx < count; idx++) {
            // The cast sits outside the try, so a wrong element type propagates.
            final AuditModule module = (AuditModule) modules.get(idx);
            try {
                module.serverShutdown();
            } catch (Exception e) {
                final String moduleName = (String) moduleToNameMap.get(module);
                final Object[] args = new Object[] {moduleName};
                final String msg = _localStrings.getLocalString(
                    AUDIT_MGR_SERVER_SHUTDOWN_KEY,
                    " Audit Module {0} threw the following exception during "+
                    "server shutdown :",
                    args);
                _logger.log(Level.INFO, msg, e);
            }
        }
    
public voidserverStarted()

        // Notifies every loaded audit module that the server has started; does
        // nothing while auditing is switched off. A module that throws is
        // logged and skipped so the remaining modules are still notified.
        // NOTE(review): the failure is logged at Level.INFO only - confirm that
        // level is retained wherever lost audit events must be noticed.
        if (!auditOn) {
            return;
        }
        // TODO (carried over from the original author): the module list is
        // believed to be static, so this index loop is not the best way to walk
        // it, and a List<AuditModule> would remove the runtime casts.
        final List modules = instances;
        final int count = modules.size();
        for (int idx = 0; idx < count; idx++) {
            // The cast sits outside the try, so a wrong element type propagates.
            final AuditModule module = (AuditModule) modules.get(idx);
            try {
                module.serverStarted();
            } catch (Exception e) {
                final String moduleName = (String) moduleToNameMap.get(module);
                final Object[] args = new Object[] {moduleName};
                final String msg = _localStrings.getLocalString(
                    AUDIT_MGR_SERVER_STARTUP_KEY,
                    " Audit Module {0} threw the following exception during "+
                    "server startup :",
                    args);
                _logger.log(Level.INFO, msg, e);
            }
        }
    
voidsetAuditOn(boolean auditOn)

        // Stores the flag that the dispatch methods of this class check before
        // forwarding events; setting it to false stops all of them from calling
        // any audit module. The method carries no access modifier in its
        // signature and the field is declared as a plain `private boolean`.
        // NOTE(review): confirm which callers in the package may turn auditing
        // off, and whether the change must be visible to other threads at once.
        this.auditOn = auditOn;
    
public voidwebInvocation(java.lang.String user, javax.servlet.http.HttpServletRequest req, java.lang.String type, boolean success)
logs the web authorization call for all loaded modules

see
com.sun.appserv.security.AuditModule.webInvocation

        // Passes the web request outcome (user, req, type, success) to every
        // loaded audit module; does nothing while auditing is switched off.
        // A module that throws is logged and skipped so the others still run.
        // NOTE(review): the failure is logged at Level.INFO only - confirm that
        // level is retained wherever lost audit events must be noticed.
        if (!auditOn) {
            return;
        }
        // Read the field once so the loop works on a single list reference.
        final List modules = instances;
        final int count = modules.size();
        for (int idx = 0; idx < count; idx++) {
            // The cast sits outside the try, so a wrong element type propagates.
            final AuditModule module = (AuditModule) modules.get(idx);
            try {
                module.webInvocation(user, req, type, success);
            } catch (Exception e) {
                final String moduleName = (String) moduleToNameMap.get(module);
                final Object[] args = new Object[] {moduleName};
                final String msg = _localStrings.getLocalString(
                    "auditmgr.webinvocation",
                    " Audit Module {0} threw the followin exception during web invocation :",
                    args);
                _logger.log(Level.INFO, msg, e);
            }
        }
    
public voidwebServiceInvocation(java.lang.String uri, java.lang.String endpoint, boolean validRequest)
This method is called for the web service calls with MLS set and the endpoints deployed as servlets

see
com.sun.appserv.security.AuditModule.webServiceInvocation

        // Passes the web service call (uri, endpoint, validRequest) to every
        // loaded audit module; does nothing while auditing is switched off.
        // A module that throws is logged and skipped so the others still run.
        // NOTE(review): the failure is logged at Level.INFO only - confirm that
        // level is retained wherever lost audit events must be noticed.
        if (!auditOn) {
            return;
        }
        // TODO (carried over from the original author): the module list is
        // believed to be static, so this index loop is not the best way to walk
        // it, and a List<AuditModule> would remove the runtime casts.
        final List modules = instances;
        final int count = modules.size();
        for (int idx = 0; idx < count; idx++) {
            // The cast sits outside the try, so a wrong element type propagates.
            final AuditModule module = (AuditModule) modules.get(idx);
            try {
                module.webServiceInvocation(uri, endpoint,  validRequest);
            } catch (Exception e) {
                final String moduleName = (String) moduleToNameMap.get(module);
                final Object[] args = new Object[] {moduleName};
                final String msg = _localStrings.getLocalString(
                    AUDIT_MGR_WS_INVOCATION_KEY,
                    " Audit Module {0} threw the following exception during "+
                    "web service invocation :",
                    args);
                _logger.log(Level.INFO, msg, e);
            }
        }