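/**
 * Verifies that no registered audit logger references the given connection.
 *
 * @param conn the connection to check
 * @throws IllegalStateException if any audit logger in {@code loggers} lists {@code conn}
 *         among its connections
 */
@Override
public void verifyNotUsed(Connection conn) {
    for (AuditLogger logger : loggers.values()) {
        if (logger.getConnections().contains(conn)) {
            // The label needs a trailing space; without it the logger name is glued
            // onto "Audit Logger" and the message is hard to read in logs.
            throw new IllegalStateException(
                    conn + " used by Audit Logger " + logger.getCommonName());
        }
    }
}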
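/**
 * Verifies that no registered audit logger references the given connection.
 *
 * @param conn the connection to check
 * @throws IllegalStateException if any audit logger in {@code loggers} lists {@code conn}
 *         among its connections
 */
@Override
public void verifyNotUsed(Connection conn) {
    for (AuditLogger logger : loggers.values()) {
        if (logger.getConnections().contains(conn)) {
            // The label needs a trailing space; without it the logger name is glued
            // onto "Audit Logger" and the message is hard to read in logs.
            throw new IllegalStateException(
                    conn + " used by Audit Logger " + logger.getCommonName());
        }
    }
}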
/**
 * Registers an audit logger with this extension.
 *
 * <p>The logger is first bound to this extension's {@code device} and then stored in
 * {@code loggers} under its common name.
 *
 * @param logger the audit logger to register
 */
public void addAuditLogger(AuditLogger logger) {
    logger.setDevice(device);
    // The common name is the lookup key for every other access to the collection.
    final String commonName = logger.getCommonName();
    loggers.put(commonName, logger);
}
/**
 * Registers an audit logger with this extension.
 *
 * <p>The logger is first bound to this extension's {@code device} and then stored in
 * {@code loggers} under its common name.
 *
 * @param logger the audit logger to register
 */
public void addAuditLogger(AuditLogger logger) {
    logger.setDevice(device);
    // The common name is the lookup key for every other access to the collection.
    final String commonName = logger.getCommonName();
    loggers.put(commonName, logger);
}
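/**
 * Brings this extension's audit loggers in line with those of {@code from}.
 *
 * <p>Loggers whose key is absent from {@code from} are dropped, loggers missing here are
 * created, and every remaining logger is reconfigured from its counterpart.
 *
 * @param from the extension holding the target configuration
 */
private void reconfigure(AuditLoggerDeviceExtension from) {
    // Drop loggers that no longer exist in the source configuration.
    loggers.keySet().retainAll(from.loggers.keySet());
    for (AuditLogger src : from.loggers.values()) {
        // Look up by common name: addAuditLogger() stores loggers under getCommonName(),
        // so a lookup by application name can miss an existing logger and replace it
        // with a freshly constructed instance.
        String commonName = src.getCommonName();
        AuditLogger logger = loggers.get(commonName);
        if (logger == null) {
            logger = new AuditLogger(commonName);
            addAuditLogger(logger);
        }
        logger.reconfigure(src);
    }
}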
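/**
 * Brings this extension's audit loggers in line with those of {@code from}.
 *
 * <p>Loggers whose key is absent from {@code from} are dropped, loggers missing here are
 * created, and every remaining logger is reconfigured from its counterpart.
 *
 * @param from the extension holding the target configuration
 */
private void reconfigure(AuditLoggerDeviceExtension from) {
    // Drop loggers that no longer exist in the source configuration.
    loggers.keySet().retainAll(from.loggers.keySet());
    for (AuditLogger src : from.loggers.values()) {
        // Look up by common name: addAuditLogger() stores loggers under getCommonName(),
        // so a lookup by application name can miss an existing logger and replace it
        // with a freshly constructed instance.
        String commonName = src.getCommonName();
        AuditLogger logger = loggers.get(commonName);
        if (logger == null) {
            logger = new AuditLogger(commonName);
            addAuditLogger(logger);
        }
        logger.reconfigure(src);
    }
}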
/**
 * Spools an admin event under the audit logger's spool directory and hands it to
 * {@code spoolAndAudit}.
 *
 * <p>The directory is the value of the {@code JBOSS_SERVER_DATA_DIR} system property, then
 * {@code audit-auth-spool}, then the logger's common name with spaces replaced by
 * underscores. It is created when missing. Any exception raised while creating the
 * directory or spooling is logged at WARN level and not rethrown.
 *
 * @param adminEvent the admin event to audit
 * @param auditLogger the audit logger whose common name selects the spool directory
 * @param keycloakSession passed through to {@code spoolAndAudit}
 */
static void spoolAuditMsg(AdminEvent adminEvent, AuditLogger auditLogger, KeycloakSession keycloakSession) {
    // NOTE(review): the path is built before the try block, so a missing system property
    // or a null common name reaches the caller as an exception instead of the WARN
    // below. Confirm that is intended.
    final String spoolRoot = System.getProperty(JBOSS_SERVER_DATA_DIR);
    // NOTE(review): only spaces are rewritten; a common name containing path separators
    // or ".." would resolve outside audit-auth-spool. Presumably the name comes from
    // trusted configuration. Confirm, or validate it where the logger is configured.
    final String loggerDirName = auditLogger.getCommonName().replaceAll(" ", "_");
    final Path dir = Paths.get(spoolRoot, "audit-auth-spool", loggerDirName);
    try {
        final boolean present = Files.exists(dir);
        if (!present) {
            Files.createDirectories(dir);
        }
        spoolAndAudit(dir, auditLogger, adminEvent, keycloakSession);
    } catch (Exception e) {
        // Audit failures are reported but never propagated to the event source.
        final String what = adminEvent.getOperationType().name() + " " + adminEvent.getResourceType().name();
        LOG.warn("Failed to spool and audit admin event {}: {} ", what, e);
    }
}
/**
 * Spools an admin event under the audit logger's spool directory and hands it to
 * {@code spoolAndAudit}.
 *
 * <p>The directory is the value of the {@code JBOSS_SERVER_DATA_DIR} system property, then
 * {@code audit-auth-spool}, then the logger's common name with spaces replaced by
 * underscores. It is created when missing. Any exception raised while creating the
 * directory or spooling is logged at WARN level and not rethrown.
 *
 * @param adminEvent the admin event to audit
 * @param auditLogger the audit logger whose common name selects the spool directory
 * @param keycloakSession passed through to {@code spoolAndAudit}
 */
static void spoolAuditMsg(AdminEvent adminEvent, AuditLogger auditLogger, KeycloakSession keycloakSession) {
    // NOTE(review): the path is built before the try block, so a missing system property
    // or a null common name reaches the caller as an exception instead of the WARN
    // below. Confirm that is intended.
    final String spoolRoot = System.getProperty(JBOSS_SERVER_DATA_DIR);
    // NOTE(review): only spaces are rewritten; a common name containing path separators
    // or ".." would resolve outside audit-auth-spool. Presumably the name comes from
    // trusted configuration. Confirm, or validate it where the logger is configured.
    final String loggerDirName = auditLogger.getCommonName().replaceAll(" ", "_");
    final Path dir = Paths.get(spoolRoot, "audit-auth-spool", loggerDirName);
    try {
        final boolean present = Files.exists(dir);
        if (!present) {
            Files.createDirectories(dir);
        }
        spoolAndAudit(dir, auditLogger, adminEvent, keycloakSession);
    } catch (Exception e) {
        // Audit failures are reported but never propagated to the event source.
        final String what = adminEvent.getOperationType().name() + " " + adminEvent.getResourceType().name();
        LOG.warn("Failed to spool and audit admin event {}: {} ", what, e);
    }
}
/**
 * Spools a user authentication event for the given audit logger.
 *
 * <p>The spool directory is the value of the {@code JBOSS_SERVER_DATA_DIR} system property,
 * then {@code audit-auth-spool}, then the logger's common name with spaces replaced by
 * underscores. It is created when missing. For a logout event whose session id names an
 * existing file in that directory, the file is passed to {@code sendAuditMessage};
 * every other event goes to {@code spoolAndAudit}. Exceptions raised inside the try block
 * are logged at WARN level and not rethrown.
 *
 * @param event the user event to audit
 * @param log the audit logger whose common name selects the spool directory
 * @param keycloakSession passed through to the spooling helpers
 */
static void spoolAuditMsg(Event event, AuditLogger log, KeycloakSession keycloakSession) {
    // NOTE(review): built before the try block, so a missing system property or a null
    // common name reaches the caller as an exception rather than the WARN below.
    final String spoolRoot = System.getProperty(JBOSS_SERVER_DATA_DIR);
    // NOTE(review): only spaces are rewritten; path separators or ".." in the common name
    // are not filtered. Presumably the name is trusted configuration; confirm.
    final String loggerDirName = log.getCommonName().replaceAll(" ", "_");
    final Path dir = Paths.get(spoolRoot, "audit-auth-spool", loggerDirName);
    try {
        if (!Files.exists(dir)) {
            Files.createDirectories(dir);
        }
        // NOTE(review): the session id is used verbatim as a file name below the spool
        // directory; presumably it is a server-generated identifier. Confirm it can
        // never be null or contain path separators, since an exception here skips
        // auditing of the event.
        final boolean hasSessionSpoolFile =
                isLogout(event) && Files.exists(dir.resolve(event.getSessionId()));
        if (hasSessionSpoolFile) {
            sendAuditMessage(dir.resolve(event.getSessionId()), event, log, keycloakSession);
        } else {
            spoolAndAudit(dir, log, event, keycloakSession);
        }
    } catch (Exception e) {
        // Audit failures are reported but never propagated to the event source.
        LOG.warn("Failed to spool and audit user auth event {}: {}", event.getType().name(), e);
    }
}
/**
 * Spools a user authentication event for the given audit logger.
 *
 * <p>The spool directory is the value of the {@code JBOSS_SERVER_DATA_DIR} system property,
 * then {@code audit-auth-spool}, then the logger's common name with spaces replaced by
 * underscores. It is created when missing. For a logout event whose session id names an
 * existing file in that directory, the file is passed to {@code sendAuditMessage};
 * every other event goes to {@code spoolAndAudit}. Exceptions raised inside the try block
 * are logged at WARN level and not rethrown.
 *
 * @param event the user event to audit
 * @param log the audit logger whose common name selects the spool directory
 * @param keycloakSession passed through to the spooling helpers
 */
static void spoolAuditMsg(Event event, AuditLogger log, KeycloakSession keycloakSession) {
    // NOTE(review): built before the try block, so a missing system property or a null
    // common name reaches the caller as an exception rather than the WARN below.
    final String spoolRoot = System.getProperty(JBOSS_SERVER_DATA_DIR);
    // NOTE(review): only spaces are rewritten; path separators or ".." in the common name
    // are not filtered. Presumably the name is trusted configuration; confirm.
    final String loggerDirName = log.getCommonName().replaceAll(" ", "_");
    final Path dir = Paths.get(spoolRoot, "audit-auth-spool", loggerDirName);
    try {
        if (!Files.exists(dir)) {
            Files.createDirectories(dir);
        }
        // NOTE(review): the session id is used verbatim as a file name below the spool
        // directory; presumably it is a server-generated identifier. Confirm it can
        // never be null or contain path separators, since an exception here skips
        // auditing of the event.
        final boolean hasSessionSpoolFile =
                isLogout(event) && Files.exists(dir.resolve(event.getSessionId()));
        if (hasSessionSpoolFile) {
            sendAuditMessage(dir.resolve(event.getSessionId()), event, log, keycloakSession);
        } else {
            spoolAndAudit(dir, log, event, keycloakSession);
        }
    } catch (Exception e) {
        // Audit failures are reported but never propagated to the event source.
        LOG.warn("Failed to spool and audit user auth event {}: {}", event.getType().name(), e);
    }
}
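/**
 * Writes an admin event to a new spool file, emits the audit message built from it and
 * deletes the file afterwards.
 *
 * <p>If writing, emitting or deleting fails, the failure is logged at WARN level and the
 * spool file is renamed with a {@code .failed} suffix instead of being deleted.
 *
 * @param dir the spool directory in which the temporary file is created
 * @param auditLogger the audit logger used to emit the message
 * @param adminEvent the admin event to record
 * @param keycloakSession passed to the {@code AuthInfo} written to the spool file
 * @throws IOException if the spool file cannot be created; later failures are logged only
 */
private static void spoolAndAudit(Path dir, AuditLogger auditLogger, AdminEvent adminEvent,
        KeycloakSession keycloakSession) throws IOException {
    AuthDetails authDetails = adminEvent.getAuthDetails();
    // NOTE(review): the temp-file prefix embeds the IP address and user id reported by
    // the event; presumably both are valid file-name characters on the target platform.
    // Confirm this holds for every address format the event can carry.
    Path file = Files.createTempFile(dir, authDetails.getIpAddress() + "-" + authDetails.getUserId(), null);
    try {
        try (SpoolFileWriter writer = new SpoolFileWriter(
                Files.newBufferedWriter(file, StandardCharsets.UTF_8, StandardOpenOption.APPEND))) {
            writer.writeLine(new AuthInfo(adminEvent, keycloakSession));
        }
        emitAudit(auditLogger, createAuditMsg(file, adminEvent, auditLogger));
        Files.delete(file);
    } catch (Exception e) {
        LOG.warn("Failed to process Audit Spool File {} of Audit Logger {} : {}",
                file, auditLogger.getCommonName(), e);
        try {
            Files.move(file, file.resolveSibling(file.getFileName().toString() + ".failed"));
        } catch (IOException e1) {
            // Report the rename failure itself; logging the outer exception here would
            // hide why the spool file could not be marked as failed.
            LOG.warn("Failed to mark Audit Spool File {} of Audit Logger {} as failed : {}",
                    file, auditLogger.getCommonName(), e1);
        }
    }
}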
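/**
 * Writes an admin event to a new spool file, emits the audit message built from it and
 * deletes the file afterwards.
 *
 * <p>If writing, emitting or deleting fails, the failure is logged at WARN level and the
 * spool file is renamed with a {@code .failed} suffix instead of being deleted.
 *
 * @param dir the spool directory in which the temporary file is created
 * @param auditLogger the audit logger used to emit the message
 * @param adminEvent the admin event to record
 * @param keycloakSession passed to the {@code AuthInfo} written to the spool file
 * @throws IOException if the spool file cannot be created; later failures are logged only
 */
private static void spoolAndAudit(Path dir, AuditLogger auditLogger, AdminEvent adminEvent,
        KeycloakSession keycloakSession) throws IOException {
    AuthDetails authDetails = adminEvent.getAuthDetails();
    // NOTE(review): the temp-file prefix embeds the IP address and user id reported by
    // the event; presumably both are valid file-name characters on the target platform.
    // Confirm this holds for every address format the event can carry.
    Path file = Files.createTempFile(dir, authDetails.getIpAddress() + "-" + authDetails.getUserId(), null);
    try {
        try (SpoolFileWriter writer = new SpoolFileWriter(
                Files.newBufferedWriter(file, StandardCharsets.UTF_8, StandardOpenOption.APPEND))) {
            writer.writeLine(new AuthInfo(adminEvent, keycloakSession));
        }
        emitAudit(auditLogger, createAuditMsg(file, adminEvent, auditLogger));
        Files.delete(file);
    } catch (Exception e) {
        LOG.warn("Failed to process Audit Spool File {} of Audit Logger {} : {}",
                file, auditLogger.getCommonName(), e);
        try {
            Files.move(file, file.resolveSibling(file.getFileName().toString() + ".failed"));
        } catch (IOException e1) {
            // Report the rename failure itself; logging the outer exception here would
            // hide why the spool file could not be marked as failed.
            LOG.warn("Failed to mark Audit Spool File {} of Audit Logger {} as failed : {}",
                    file, auditLogger.getCommonName(), e1);
        }
    }
}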
/**
 * Builds an {@code AuditLogger} from one LDAP search result.
 *
 * <p>The logger is named after the entry's {@code cn}, populated via {@code loadFrom},
 * given every connection listed in {@code dicomNetworkConnectionReference}, linked to its
 * audit record repository device and finally given its suppress criteria.
 *
 * @param sr the search result holding the logger's attributes
 * @param deviceDN the DN of the device that owns the logger
 * @param device the device that owns the logger
 * @return the loaded audit logger
 * @throws NamingException if an LDAP access made by one of the helpers fails
 */
private AuditLogger loadAuditLogger(SearchResult sr, String deviceDN, Device device) throws NamingException {
    final Attributes attrs = sr.getAttributes();
    final String cn = LdapUtils.stringValue(attrs.get("cn"), null);
    final AuditLogger auditLogger = new AuditLogger(cn);
    loadFrom(auditLogger, attrs);

    for (String connDN : LdapUtils.stringArray(attrs.get("dicomNetworkConnectionReference"))) {
        auditLogger.addConnection(LdapUtils.findConnection(connDN, deviceDN, device));
    }

    final String arrDeviceDN =
            LdapUtils.stringValue(attrs.get("dcmAuditRecordRepositoryDeviceReference"), null);
    // A reference to the owning device itself is wired directly; any other value,
    // including an absent one, is handed to the separate loader.
    final boolean repositoryIsThisDevice = deviceDN.equals(arrDeviceDN);
    if (!repositoryIsThisDevice) {
        loadAuditRecordRepositoryDevice(auditLogger, arrDeviceDN);
    } else {
        auditLogger.setAuditRecordRepositoryDevice(device);
    }

    final String loggerDN = auditLoggerDN(auditLogger.getCommonName(), deviceDN);
    loadAuditSuppressCriteria(auditLogger, loggerDN);
    return auditLogger;
}
/**
 * Applies the differences between two versions of an audit logger to its LDAP entry.
 *
 * <p>The change is recorded in {@code diffs} as an update, dropped again through
 * {@code removeLastIfEmpty}, and the logger's suppress criteria are merged afterwards.
 *
 * @param diffs collector for the configuration changes
 * @param prevLogger the previously stored logger
 * @param logger the logger carrying the new configuration
 * @param deviceDN the DN of the owning device
 * @throws NamingException if the LDAP modification fails
 */
private void merge(ConfigurationChanges diffs, AuditLogger prevLogger, AuditLogger logger, String deviceDN)
        throws NamingException {
    final String loggerDN = auditLoggerDN(logger.getCommonName(), deviceDN);
    final ConfigurationChanges.ModifiedObject changeRecord =
            ConfigurationChanges.addModifiedObject(diffs, loggerDN, ConfigurationChanges.ChangeType.U);
    // storeDiffs receives this list to collect the attribute modifications.
    final ArrayList<ModificationItem> mods = new ArrayList<ModificationItem>();
    config.modifyAttributes(loggerDN, storeDiffs(changeRecord, prevLogger, logger, deviceDN, mods));
    ConfigurationChanges.removeLastIfEmpty(diffs, changeRecord);
    mergeAuditSuppressCriteria(diffs, prevLogger, logger, loggerDN);
}
/**
 * Applies the differences between two versions of an audit logger to its LDAP entry.
 *
 * <p>The change is recorded in {@code diffs} as an update, dropped again through
 * {@code removeLastIfEmpty}, and the logger's suppress criteria are merged afterwards.
 *
 * @param diffs collector for the configuration changes
 * @param prevLogger the previously stored logger
 * @param logger the logger carrying the new configuration
 * @param deviceDN the DN of the owning device
 * @throws NamingException if the LDAP modification fails
 */
private void merge(ConfigurationChanges diffs, AuditLogger prevLogger, AuditLogger logger, String deviceDN)
        throws NamingException {
    final String loggerDN = auditLoggerDN(logger.getCommonName(), deviceDN);
    final ConfigurationChanges.ModifiedObject changeRecord =
            ConfigurationChanges.addModifiedObject(diffs, loggerDN, ConfigurationChanges.ChangeType.U);
    // storeDiffs receives this list to collect the attribute modifications.
    final ArrayList<ModificationItem> mods = new ArrayList<ModificationItem>();
    config.modifyAttributes(loggerDN, storeDiffs(changeRecord, prevLogger, logger, deviceDN, mods));
    ConfigurationChanges.removeLastIfEmpty(diffs, changeRecord);
    mergeAuditSuppressCriteria(diffs, prevLogger, logger, loggerDN);
}
/**
 * Builds an {@code AuditLogger} from one LDAP search result.
 *
 * <p>The logger is named after the entry's {@code cn}, populated via {@code loadFrom},
 * given every connection listed in {@code dicomNetworkConnectionReference}, linked to its
 * audit record repository device and finally given its suppress criteria.
 *
 * @param sr the search result holding the logger's attributes
 * @param deviceDN the DN of the device that owns the logger
 * @param device the device that owns the logger
 * @return the loaded audit logger
 * @throws NamingException if an LDAP access made by one of the helpers fails
 */
private AuditLogger loadAuditLogger(SearchResult sr, String deviceDN, Device device) throws NamingException {
    final Attributes attrs = sr.getAttributes();
    final String cn = LdapUtils.stringValue(attrs.get("cn"), null);
    final AuditLogger auditLogger = new AuditLogger(cn);
    loadFrom(auditLogger, attrs);

    for (String connDN : LdapUtils.stringArray(attrs.get("dicomNetworkConnectionReference"))) {
        auditLogger.addConnection(LdapUtils.findConnection(connDN, deviceDN, device));
    }

    final String arrDeviceDN =
            LdapUtils.stringValue(attrs.get("dcmAuditRecordRepositoryDeviceReference"), null);
    // A reference to the owning device itself is wired directly; any other value,
    // including an absent one, is handed to the separate loader.
    final boolean repositoryIsThisDevice = deviceDN.equals(arrDeviceDN);
    if (!repositoryIsThisDevice) {
        loadAuditRecordRepositoryDevice(auditLogger, arrDeviceDN);
    } else {
        auditLogger.setAuditRecordRepositoryDevice(device);
    }

    final String loggerDN = auditLoggerDN(auditLogger.getCommonName(), deviceDN);
    loadAuditSuppressCriteria(auditLogger, loggerDN);
    return auditLogger;
}
/**
 * Creates the LDAP entry of an audit logger together with one child entry per suppress
 * criteria, recording each creation in {@code diffs}.
 *
 * @param diffs collector for the configuration changes
 * @param deviceDN the DN of the owning device
 * @param logger the audit logger to store
 * @throws NamingException if creating one of the LDAP entries fails
 */
private void store(ConfigurationChanges diffs, String deviceDN, AuditLogger logger) throws NamingException {
    final String loggerDN = auditLoggerDN(logger.getCommonName(), deviceDN);
    final ConfigurationChanges.ModifiedObject loggerChange =
            ConfigurationChanges.addModifiedObject(diffs, loggerDN, ConfigurationChanges.ChangeType.C);
    // BasicAttributes(true) makes attribute identifiers case-insensitive.
    config.createSubcontext(
            loggerDN,
            storeTo(ConfigurationChanges.nullifyIfNotVerbose(diffs, loggerChange),
                    logger, deviceDN, new BasicAttributes(true)));

    // Each suppress criteria becomes a child entry below the logger, keyed by its cn.
    for (AuditSuppressCriteria criteria : logger.getAuditSuppressCriteriaList()) {
        final String criteriaDN = LdapUtils.dnOf("cn", criteria.getCommonName(), loggerDN);
        final ConfigurationChanges.ModifiedObject criteriaChange =
                ConfigurationChanges.addModifiedObjectIfVerbose(
                        diffs, criteriaDN, ConfigurationChanges.ChangeType.C);
        config.createSubcontext(criteriaDN, storeTo(criteriaChange, criteria, new BasicAttributes(true)));
    }
}
/**
 * Creates the LDAP entry of an audit logger together with one child entry per suppress
 * criteria, recording each creation in {@code diffs}.
 *
 * @param diffs collector for the configuration changes
 * @param deviceDN the DN of the owning device
 * @param logger the audit logger to store
 * @throws NamingException if creating one of the LDAP entries fails
 */
private void store(ConfigurationChanges diffs, String deviceDN, AuditLogger logger) throws NamingException {
    final String loggerDN = auditLoggerDN(logger.getCommonName(), deviceDN);
    final ConfigurationChanges.ModifiedObject loggerChange =
            ConfigurationChanges.addModifiedObject(diffs, loggerDN, ConfigurationChanges.ChangeType.C);
    // BasicAttributes(true) makes attribute identifiers case-insensitive.
    config.createSubcontext(
            loggerDN,
            storeTo(ConfigurationChanges.nullifyIfNotVerbose(diffs, loggerChange),
                    logger, deviceDN, new BasicAttributes(true)));

    // Each suppress criteria becomes a child entry below the logger, keyed by its cn.
    for (AuditSuppressCriteria criteria : logger.getAuditSuppressCriteriaList()) {
        final String criteriaDN = LdapUtils.dnOf("cn", criteria.getCommonName(), loggerDN);
        final ConfigurationChanges.ModifiedObject criteriaChange =
                ConfigurationChanges.addModifiedObjectIfVerbose(
                        diffs, criteriaDN, ConfigurationChanges.ChangeType.C);
        config.createSubcontext(criteriaDN, storeTo(criteriaChange, criteria, new BasicAttributes(true)));
    }
}
/**
 * Synchronises the audit logger entries below a device with its new configuration.
 *
 * <p>Loggers present in {@code prev} but absent from {@code device} are destroyed with
 * their children and recorded as deletions. Loggers new in {@code device} are stored, and
 * loggers present in both are merged.
 *
 * @param diffs collector for the configuration changes
 * @param prev the previously stored device
 * @param device the device carrying the new configuration
 * @param deviceDN the DN of the device
 * @throws NamingException if an LDAP operation fails
 */
@Override
protected void mergeChilds(ConfigurationChanges diffs, Device prev, Device device, String deviceDN)
        throws NamingException {
    final AuditLoggerDeviceExtension before = prev.getDeviceExtension(AuditLoggerDeviceExtension.class);
    final AuditLoggerDeviceExtension after = device.getDeviceExtension(AuditLoggerDeviceExtension.class);

    // Pass 1: remove entries for loggers that are no longer configured.
    if (before != null) {
        for (String name : before.getAuditLoggerNames()) {
            final boolean stillConfigured = after != null && after.containsAuditLogger(name);
            if (stillConfigured) {
                continue;
            }
            final String dn = auditLoggerDN(name, deviceDN);
            config.destroySubcontextWithChilds(dn);
            ConfigurationChanges.addModifiedObject(diffs, dn, ConfigurationChanges.ChangeType.D);
        }
    }

    if (after == null) {
        return;
    }

    // Pass 2: create new loggers and update the ones that already existed.
    for (AuditLogger logger : after.getAuditLoggers()) {
        final String name = logger.getCommonName();
        final boolean existedBefore = before != null && before.containsAuditLogger(name);
        if (existedBefore) {
            merge(diffs, before.getAuditLogger(name), logger, deviceDN);
        } else {
            store(diffs, deviceDN, logger);
        }
    }
}
/**
 * Synchronises the audit logger entries below a device with its new configuration.
 *
 * <p>Loggers present in {@code prev} but absent from {@code device} are destroyed with
 * their children and recorded as deletions. Loggers new in {@code device} are stored, and
 * loggers present in both are merged.
 *
 * @param diffs collector for the configuration changes
 * @param prev the previously stored device
 * @param device the device carrying the new configuration
 * @param deviceDN the DN of the device
 * @throws NamingException if an LDAP operation fails
 */
@Override
protected void mergeChilds(ConfigurationChanges diffs, Device prev, Device device, String deviceDN)
        throws NamingException {
    final AuditLoggerDeviceExtension before = prev.getDeviceExtension(AuditLoggerDeviceExtension.class);
    final AuditLoggerDeviceExtension after = device.getDeviceExtension(AuditLoggerDeviceExtension.class);

    // Pass 1: remove entries for loggers that are no longer configured.
    if (before != null) {
        for (String name : before.getAuditLoggerNames()) {
            final boolean stillConfigured = after != null && after.containsAuditLogger(name);
            if (stillConfigured) {
                continue;
            }
            final String dn = auditLoggerDN(name, deviceDN);
            config.destroySubcontextWithChilds(dn);
            ConfigurationChanges.addModifiedObject(diffs, dn, ConfigurationChanges.ChangeType.D);
        }
    }

    if (after == null) {
        return;
    }

    // Pass 2: create new loggers and update the ones that already existed.
    for (AuditLogger logger : after.getAuditLoggers()) {
        final String name = logger.getCommonName();
        final boolean existedBefore = before != null && before.containsAuditLogger(name);
        if (existedBefore) {
            merge(diffs, before.getAuditLogger(name), logger, deviceDN);
        } else {
            store(diffs, deviceDN, logger);
        }
    }
}