private AuditLogger loadAuditLogger(SearchResult sr, String deviceDN, Device device) throws NamingException { Attributes attrs = sr.getAttributes(); AuditLogger auditLogger = new AuditLogger(LdapUtils.stringValue(attrs.get("cn"), null)); loadFrom(auditLogger, attrs); for (String connDN : LdapUtils.stringArray(attrs.get("dicomNetworkConnectionReference"))) auditLogger.addConnection(LdapUtils.findConnection(connDN, deviceDN, device)); String arrDeviceDN = LdapUtils.stringValue(attrs.get("dcmAuditRecordRepositoryDeviceReference"), null); if (deviceDN.equals(arrDeviceDN)) { auditLogger.setAuditRecordRepositoryDevice(device); } else { loadAuditRecordRepositoryDevice(auditLogger, arrDeviceDN); } loadAuditSuppressCriteria(auditLogger, auditLoggerDN(auditLogger.getCommonName(), deviceDN)); return auditLogger; }
@Override public void verifyNotUsed(Connection conn) { for (AuditLogger logger : loggers.values()) if (logger.getConnections().contains(conn)) throw new IllegalStateException(conn + " used by Audit Logger" + logger.getCommonName()); }
void reconfigure(AuditLogger from) { setFacility(from.facility); setSuccessSeverity(from.successSeverity); setMinorFailureSeverity(from.minorFailureSeverity); setSeriousFailureSeverity(from.seriousFailureSeverity); setMajorFailureSeverity(from.majorFailureSeverity); setApplicationName(from.applicationName); setAuditSourceID(from.auditSourceID); setAuditEnterpriseSiteID(from.auditEnterpriseSiteID); setAuditSourceTypeCodes(from.auditSourceTypeCodes); setMessageID(from.messageID); setEncoding(from.encoding); setSchemaURI(from.schemaURI); setTimestampInUTC(from.timestampInUTC); setIncludeBOM(from.includeBOM); setFormatXML(from.formatXML); setSpoolDirectoryURI(from.spoolDirectoryURI); setSpoolFileNamePrefix(from.spoolFileNamePrefix); setSpoolFileNameSuffix(from.spoolFileNameSuffix); setRetryInterval(from.retryInterval); setInstalled(from.installed); arrDevice = from.arrDevice; arrDeviceName = from.arrDeviceName; setAuditSuppressCriteriaList(from.suppressAuditMessageFilters); device.reconfigureConnections(conns, from.conns); closeActiveConnection(); }
public void addAuditLogger(AuditLogger logger) { logger.setDevice(device); loggers.put(logger.getCommonName(), logger); }
private void loadFrom(AuditLogger logger, Attributes attrs) throws NamingException { logger.setFacility(AuditLogger.Facility.values() [LdapUtils.intValue(attrs.get("dcmAuditFacility"), 10)]); logger.setSuccessSeverity(AuditLogger.Severity.values() [LdapUtils.intValue(attrs.get("dcmAuditSuccessSeverity"), 5)]); logger.setMinorFailureSeverity(AuditLogger.Severity.values() [LdapUtils.intValue(attrs.get("dcmAuditMinorFailureSeverity"), 4)]); logger.setSeriousFailureSeverity(AuditLogger.Severity.values() [LdapUtils.intValue(attrs.get("dcmAuditSeriousFailureSeverity"), 3)]); logger.setMajorFailureSeverity(AuditLogger.Severity.values() [LdapUtils.intValue(attrs.get("dcmAuditMajorFailureSeverity"), 2)]); logger.setAuditSourceID(LdapUtils.stringValue(attrs.get("dcmAuditSourceID"), null)); logger.setAuditEnterpriseSiteID( LdapUtils.stringValue(attrs.get("dcmAuditEnterpriseSiteID"), null)); logger.setAuditSourceTypeCodes( LdapUtils.stringArray(attrs.get("dcmAuditSourceTypeCode"))); logger.setApplicationName( LdapUtils.stringValue(attrs.get("dcmAuditApplicationName"), null)); logger.setMessageID( LdapUtils.stringValue(attrs.get("dcmAuditMessageID"), AuditLogger.MESSAGE_ID)); logger.setEncoding( LdapUtils.stringValue(attrs.get("dcmAuditMessageEncoding"), "UTF-8")); logger.setSchemaURI( LdapUtils.stringValue(attrs.get("dcmAuditMessageSchemaURI"), AuditMessages.SCHEMA_URI)); logger.setIncludeBOM( LdapUtils.booleanValue(attrs.get("dcmAuditMessageBOM"), true)); logger.setFormatXML( LdapUtils.booleanValue(attrs.get("dcmAuditMessageFormatXML"), false)); logger.setTimestampInUTC( LdapUtils.booleanValue(attrs.get("dcmAuditTimestampInUTC"), false));
private void writeTo(Device device, AuditLogger auditLogger, JsonWriter writer) { writer.writeStartObject(); writer.writeNotNullOrDef("cn", auditLogger.getCommonName(), null); writer.writeNotNullOrDef("dcmAuditRecordRepositoryDeviceName", auditLogger.getAuditRecordRepositoryDeviceNameNotNull(), null); writer.writeConnRefs(device.listConnections(), auditLogger.getConnections()); writer.writeNotNull("dicomInstalled", auditLogger.getInstalled()); writer.writeNotNullOrDef("dcmAuditSourceID", auditLogger.getAuditSourceID(), null); writer.writeNotNullOrDef("dcmAuditEnterpriseSiteID", auditLogger.getAuditEnterpriseSiteID(), null); writer.writeNotEmpty("dcmAuditSourceTypeCode", auditLogger.getAuditSourceTypeCodes()); writer.writeNotNullOrDef("dcmAuditFacility", auditLogger.getFacility(), AuditLogger.Facility.authpriv); writer.writeNotNullOrDef("dcmAuditSuccessSeverity", auditLogger.getSuccessSeverity(), AuditLogger.Severity.notice); writer.writeNotNullOrDef("dcmAuditMinorFailureSeverity", auditLogger.getMinorFailureSeverity(), AuditLogger.Severity.warning); writer.writeNotNullOrDef("dcmAuditSeriousFailureSeverity", auditLogger.getSeriousFailureSeverity(), AuditLogger.Severity.err); writer.writeNotNullOrDef("dcmAuditMajorFailureSeverity", auditLogger.getMajorFailureSeverity(), AuditLogger.Severity.crit); writer.writeNotNullOrDef("dcmAuditApplicationName", auditLogger.getApplicationName(), null); writer.writeNotNullOrDef("dcmAuditMessageID", auditLogger.getMessageID(), AuditLogger.MESSAGE_ID); writer.writeNotNullOrDef("dcmAuditMessageEncoding", auditLogger.getEncoding(), "UTF-8"); writer.writeNotDef("dcmAuditMessageBOM", auditLogger.isIncludeBOM(), true); writer.writeNotDef("dcmAuditTimestampInUTC", auditLogger.isTimestampInUTC(), false); writer.writeNotDef("dcmAuditMessageFormatXML", auditLogger.isFormatXML(), false); writer.writeNotNullOrDef("dcmAuditMessageSchemaURI", auditLogger.getSchemaURI(), AuditMessages.SCHEMA_URI); writer.writeNotDef("dcmAuditIncludeInstanceUID", auditLogger.isIncludeInstanceUID(), false); writer.writeNotNullOrDef("dcmAuditLoggerSpoolDirectoryURI", auditLogger.getSpoolDirectoryURI(), null); writer.writeNotDef("dcmAuditLoggerRetryInterval", auditLogger.getRetryInterval(), 0); writeAuditSuppressCriteriaList(writer, auditLogger.getAuditSuppressCriteriaList());
private static void configureAuditLogger(AuditLogger logger, CommandLine cl) { logger.setFacility(toFacility(cl)); logger.setSuccessSeverity(toSeverity(cl)); logger.setApplicationName(cl.getOptionValue("app-name")); logger.setMessageID(cl.getOptionValue("msg-id", AuditLogger.MESSAGE_ID)); logger.setIncludeBOM(!cl.hasOption("no-bom")); logger.setTimestampInUTC(cl.hasOption("utc")); if (cl.hasOption("spool-dir")) logger.setSpoolDirectory(new File(cl.getOptionValue("spool-dir"))); logger.setRetryInterval(CLIUtils.getIntOption(cl, "retry", 0)); }
private void reconfigure(AuditLoggerDeviceExtension from) { loggers.keySet().retainAll(from.loggers.keySet()); for (AuditLogger src : from.loggers.values()) { AuditLogger logger = loggers.get(src.getApplicationName()); if (logger == null) addAuditLogger(logger = new AuditLogger(src.getCommonName())); logger.reconfigure(src); } }
.isRequester().build(); activeParticipants[1] = new ActiveParticipantBuilder.Builder( log.getDevice().getDeviceName(), log.getConnections().get(0).getHostname()) .userIDTypeCode(AuditMessages.UserIDTypeCode.DeviceName) .altUserID(AuditLogger.processID()).build(); } catch (Exception e) { LOG.warn("Failed to process Audit Spool File {} of Audit Logger {} : {}", file, log.getCommonName(), e); try { Files.move(file, file.resolveSibling(file.getFileName().toString() + ".failed")); } catch (IOException e1) { LOG.warn("Failed to mark Audit Spool File {} of Audit Logger {} as failed : {}", file, log.getCommonName(), e);
eventType.eventID, eventType.eventActionCode, auditLogger.timeStamp(), AuditMessages.EventOutcomeIndicator.Success) .outcomeDesc(info.getField(AuthInfo.RESOURCE_TYPE)) .isRequester().build(); activeParticipants[1] = new ActiveParticipantBuilder.Builder( auditLogger.getDevice().getDeviceName(), auditLogger.getConnections().get(0).getHostname()) .userIDTypeCode(AuditMessages.UserIDTypeCode.DeviceName) .altUserID(AuditLogger.processID()).build(); auditLogger.getDevice().getDeviceName(), AuditMessages.ParticipantObjectIDTypeCode.DeviceName, AuditMessages.ParticipantObjectTypeCode.SystemObject,
static void spoolAuditMsg(AdminEvent adminEvent, AuditLogger auditLogger, KeycloakSession keycloakSession) { String dataDir = System.getProperty(JBOSS_SERVER_DATA_DIR); Path dir = Paths.get(dataDir, "audit-auth-spool", auditLogger.getCommonName().replaceAll(" ", "_")); try { if (!Files.exists(dir)) Files.createDirectories(dir); spoolAndAudit(dir, auditLogger, adminEvent, keycloakSession); } catch (Exception e) { LOG.warn("Failed to spool and audit admin event {}: {} ", adminEvent.getOperationType().name() + " " + adminEvent.getResourceType().name(), e); } }
private void store(ConfigurationChanges diffs, String deviceDN, AuditLogger logger) throws NamingException { String appDN = auditLoggerDN(logger.getCommonName(), deviceDN); ConfigurationChanges.ModifiedObject ldapObj = ConfigurationChanges.addModifiedObject(diffs, appDN, ConfigurationChanges.ChangeType.C); config.createSubcontext(appDN, storeTo(ConfigurationChanges.nullifyIfNotVerbose(diffs, ldapObj), logger, deviceDN, new BasicAttributes(true))); for (AuditSuppressCriteria criteria : logger.getAuditSuppressCriteriaList()) { String dn = LdapUtils.dnOf("cn", criteria.getCommonName(), appDN); ConfigurationChanges.ModifiedObject ldapObj1 = ConfigurationChanges.addModifiedObjectIfVerbose(diffs, dn, ConfigurationChanges.ChangeType.C); config.createSubcontext(dn, storeTo(ldapObj1, criteria, new BasicAttributes(true))); } }
private void loadFrom(AuditLoggerDeviceExtension ext, JsonReader reader, List<Connection> conns, ConfigurationDelegate config) throws ConfigurationException { reader.next(); reader.expect(JsonParser.Event.START_ARRAY); while (reader.next() == JsonParser.Event.START_OBJECT) { AuditLogger logger = new AuditLogger(); loadFrom(logger, reader, conns, config); reader.expect(JsonParser.Event.END_OBJECT); ext.addAuditLogger(logger); } reader.expect(JsonParser.Event.END_ARRAY); }
private void loadFrom(AuditLogger logger, Attributes attrs) throws NamingException { logger.setFacility(AuditLogger.Facility.values() [LdapUtils.intValue(attrs.get("dcmAuditFacility"), 10)]); logger.setSuccessSeverity(AuditLogger.Severity.values() [LdapUtils.intValue(attrs.get("dcmAuditSuccessSeverity"), 5)]); logger.setMinorFailureSeverity(AuditLogger.Severity.values() [LdapUtils.intValue(attrs.get("dcmAuditMinorFailureSeverity"), 4)]); logger.setSeriousFailureSeverity(AuditLogger.Severity.values() [LdapUtils.intValue(attrs.get("dcmAuditSeriousFailureSeverity"), 3)]); logger.setMajorFailureSeverity(AuditLogger.Severity.values() [LdapUtils.intValue(attrs.get("dcmAuditMajorFailureSeverity"), 2)]); logger.setAuditSourceID(LdapUtils.stringValue(attrs.get("dcmAuditSourceID"), null)); logger.setAuditEnterpriseSiteID( LdapUtils.stringValue(attrs.get("dcmAuditEnterpriseSiteID"), null)); logger.setAuditSourceTypeCodes( LdapUtils.stringArray(attrs.get("dcmAuditSourceTypeCode"))); logger.setApplicationName( LdapUtils.stringValue(attrs.get("dcmAuditApplicationName"), null)); logger.setMessageID( LdapUtils.stringValue(attrs.get("dcmAuditMessageID"), AuditLogger.MESSAGE_ID)); logger.setEncoding( LdapUtils.stringValue(attrs.get("dcmAuditMessageEncoding"), "UTF-8")); logger.setSchemaURI( LdapUtils.stringValue(attrs.get("dcmAuditMessageSchemaURI"), AuditMessages.SCHEMA_URI)); logger.setIncludeBOM( LdapUtils.booleanValue(attrs.get("dcmAuditMessageBOM"), true)); logger.setFormatXML( LdapUtils.booleanValue(attrs.get("dcmAuditMessageFormatXML"), false)); logger.setTimestampInUTC( LdapUtils.booleanValue(attrs.get("dcmAuditTimestampInUTC"), false));
private void writeTo(Device device, AuditLogger auditLogger, JsonWriter writer) { writer.writeStartObject(); writer.writeNotNullOrDef("cn", auditLogger.getCommonName(), null); writer.writeNotNullOrDef("dcmAuditRecordRepositoryDeviceName", auditLogger.getAuditRecordRepositoryDeviceNameNotNull(), null); writer.writeConnRefs(device.listConnections(), auditLogger.getConnections()); writer.writeNotNull("dicomInstalled", auditLogger.getInstalled()); writer.writeNotNullOrDef("dcmAuditSourceID", auditLogger.getAuditSourceID(), null); writer.writeNotNullOrDef("dcmAuditEnterpriseSiteID", auditLogger.getAuditEnterpriseSiteID(), null); writer.writeNotEmpty("dcmAuditSourceTypeCode", auditLogger.getAuditSourceTypeCodes()); writer.writeNotNullOrDef("dcmAuditFacility", auditLogger.getFacility(), AuditLogger.Facility.authpriv); writer.writeNotNullOrDef("dcmAuditSuccessSeverity", auditLogger.getSuccessSeverity(), AuditLogger.Severity.notice); writer.writeNotNullOrDef("dcmAuditMinorFailureSeverity", auditLogger.getMinorFailureSeverity(), AuditLogger.Severity.warning); writer.writeNotNullOrDef("dcmAuditSeriousFailureSeverity", auditLogger.getSeriousFailureSeverity(), AuditLogger.Severity.err); writer.writeNotNullOrDef("dcmAuditMajorFailureSeverity", auditLogger.getMajorFailureSeverity(), AuditLogger.Severity.crit); writer.writeNotNullOrDef("dcmAuditApplicationName", auditLogger.getApplicationName(), null); writer.writeNotNullOrDef("dcmAuditMessageID", auditLogger.getMessageID(), AuditLogger.MESSAGE_ID); writer.writeNotNullOrDef("dcmAuditMessageEncoding", auditLogger.getEncoding(), "UTF-8"); writer.writeNotDef("dcmAuditMessageBOM", auditLogger.isIncludeBOM(), true); writer.writeNotDef("dcmAuditTimestampInUTC", auditLogger.isTimestampInUTC(), false); writer.writeNotDef("dcmAuditMessageFormatXML", auditLogger.isFormatXML(), false); writer.writeNotNullOrDef("dcmAuditMessageSchemaURI", auditLogger.getSchemaURI(), AuditMessages.SCHEMA_URI); writer.writeNotDef("dcmAuditIncludeInstanceUID", auditLogger.isIncludeInstanceUID(), false); writer.writeNotNullOrDef("dcmAuditLoggerSpoolDirectoryURI", auditLogger.getSpoolDirectoryURI(), null); writer.writeNotDef("dcmAuditLoggerRetryInterval", auditLogger.getRetryInterval(), 0); writeAuditSuppressCriteriaList(writer, auditLogger.getAuditSuppressCriteriaList());
private static void configureAuditLogger(AuditLogger logger, CommandLine cl) { logger.setFacility(toFacility(cl)); logger.setSuccessSeverity(toSeverity(cl)); logger.setApplicationName(cl.getOptionValue("app-name")); logger.setMessageID(cl.getOptionValue("msg-id", AuditLogger.MESSAGE_ID)); logger.setIncludeBOM(!cl.hasOption("no-bom")); logger.setTimestampInUTC(cl.hasOption("utc")); if (cl.hasOption("spool-dir")) logger.setSpoolDirectory(new File(cl.getOptionValue("spool-dir"))); logger.setRetryInterval(CLIUtils.getIntOption(cl, "retry", 0)); }
private void reconfigure(AuditLoggerDeviceExtension from) { loggers.keySet().retainAll(from.loggers.keySet()); for (AuditLogger src : from.loggers.values()) { AuditLogger logger = loggers.get(src.getApplicationName()); if (logger == null) addAuditLogger(logger = new AuditLogger(src.getCommonName())); logger.reconfigure(src); } }
.isRequester().build(); activeParticipants[1] = new ActiveParticipantBuilder.Builder( log.getDevice().getDeviceName(), log.getConnections().get(0).getHostname()) .userIDTypeCode(AuditMessages.UserIDTypeCode.DeviceName) .altUserID(AuditLogger.processID()).build(); } catch (Exception e) { LOG.warn("Failed to process Audit Spool File {} of Audit Logger {} : {}", file, log.getCommonName(), e); try { Files.move(file, file.resolveSibling(file.getFileName().toString() + ".failed")); } catch (IOException e1) { LOG.warn("Failed to mark Audit Spool File {} of Audit Logger {} as failed : {}", file, log.getCommonName(), e);
eventType.eventID, AuditMessages.EventActionCode.Execute, auditLogger.timeStamp(), eventOutcomeIndicator(adminEvent.getError())) .outcomeDesc(info.getField(AuthInfo.EVENT)) .isRequester().build(); activeParticipants[1] = new ActiveParticipantBuilder.Builder( auditLogger.getDevice().getDeviceName(), auditLogger.getConnections().get(0).getHostname()) .userIDTypeCode(AuditMessages.UserIDTypeCode.DeviceName) .altUserID(AuditLogger.processID()).build(); auditLogger.getDevice().getDeviceName(), AuditMessages.ParticipantObjectIDTypeCode.DeviceName, AuditMessages.ParticipantObjectTypeCode.SystemObject,
static void spoolAuditMsg(AdminEvent adminEvent, AuditLogger auditLogger, KeycloakSession keycloakSession) { String dataDir = System.getProperty(JBOSS_SERVER_DATA_DIR); Path dir = Paths.get(dataDir, "audit-auth-spool", auditLogger.getCommonName().replaceAll(" ", "_")); try { if (!Files.exists(dir)) Files.createDirectories(dir); spoolAndAudit(dir, auditLogger, adminEvent, keycloakSession); } catch (Exception e) { LOG.warn("Failed to spool and audit admin event {}: {} ", adminEvent.getOperationType().name() + " " + adminEvent.getResourceType().name(), e); } }