AuditManager auditManager = context.getAuditManager(); if (auditManager != null) { audit(authenticated ? AuditLevel.SUCCESS : AuditLevel.FAILURE, auditManager, auditPrincipal);
protected void audit(String level, Map<String,Object> contextMap, Exception e) { AuditManager am = securityContext.getAuditManager(); if(am == null) return; contextMap.put("Source", getClass().getName()); AuditEvent ae = new AuditEvent(level,contextMap,e); am.audit(ae); }
protected void audit(String level, Map<String,Object> contextMap, Exception e) { AuditManager am = securityContext.getAuditManager(); if(am == null) return; contextMap.put("Source", getClass().getName()); AuditEvent ae = new AuditEvent(level,contextMap,e); am.audit(ae); }
protected void audit(String level, Map<String,Object> contextMap, Exception e) { AuditManager am = securityContext.getAuditManager(); if(am == null) return; contextMap.put("Source", getClass().getName()); AuditEvent ae = new AuditEvent(level,contextMap,e); am.audit(ae); }
protected void authorizationAudit(String level, Resource resource, Exception e) { if(securityContext.getAuditManager() == null) return; Map<String, Object> contextualMap = resource.getMap(); Map<String,Object> auditContextMap = new HashMap<String,Object>(contextualMap.size() + 3); auditContextMap.putAll(contextualMap); auditContextMap.put("Resource:", resource); auditContextMap.put("Action", "authorization"); if (e != null) { //Authorization Exception stacktrace is huge. Scale it down //as the original stack trace can be seen in server.log (if needed) String exceptionMessage = e != null ? e.getLocalizedMessage() : ""; auditContextMap.put("Exception:", exceptionMessage); } if (e instanceof AuthorizationException) { // changing level of audit, since in case of AuthorizationException it is FAILURE audit(AuditLevel.FAILURE, auditContextMap, null); } else { audit(level, auditContextMap, null); } }
protected void authorizationAudit(String level, Resource resource, Exception e) { if(securityContext.getAuditManager() == null) return; Map<String, Object> contextualMap = resource.getMap(); Map<String,Object> auditContextMap = new HashMap<String,Object>(contextualMap.size() + 3); auditContextMap.putAll(contextualMap); auditContextMap.put("Resource:", resource); auditContextMap.put("Action", "authorization"); if (e != null) { //Authorization Exception stacktrace is huge. Scale it down //as the original stack trace can be seen in server.log (if needed) String exceptionMessage = e != null ? e.getLocalizedMessage() : ""; auditContextMap.put("Exception:", exceptionMessage); } if (e instanceof AuthorizationException) { // changing level of audit, since in case of AuthorizationException it is FAILURE audit(AuditLevel.FAILURE, auditContextMap, null); } else { audit(level, auditContextMap, null); } }
protected void authorizationAudit(String level, Resource resource, Exception e) { if(securityContext.getAuditManager() == null) return; Map<String, Object> contextualMap = resource.getMap(); Map<String,Object> auditContextMap = new HashMap<String,Object>(contextualMap.size() + 3); auditContextMap.putAll(contextualMap); auditContextMap.put("Resource:", resource); auditContextMap.put("Action", "authorization"); if (e != null) { //Authorization Exception stacktrace is huge. Scale it down //as the original stack trace can be seen in server.log (if needed) String exceptionMessage = e != null ? e.getLocalizedMessage() : ""; auditContextMap.put("Exception:", exceptionMessage); } if (e instanceof AuthorizationException) { // changing level of audit, since in case of AuthorizationException it is FAILURE audit(AuditLevel.FAILURE, auditContextMap, null); } else { audit(level, auditContextMap, null); } }
private void audit(String level, Map<String, Object> contextMap, Exception e) { String requestInfo = ""; try { HttpServletRequest hsr = (HttpServletRequest) PolicyContext.getContext(SecurityConstants.WEB_REQUEST_KEY); requestInfo = WebUtil.deriveUsefulInfo(hsr); contextMap.put("request", requestInfo); } catch (PolicyContextException pe) { if (trace) log.trace("Error obtaining the servlet request:", pe); } contextMap.put("Source", getClass().getName()); AuditEvent ae = new AuditEvent(level); ae.setContextMap(contextMap); ae.setUnderlyingException(e); SecurityContext sc = SecurityAssociationActions.getSecurityContext(); if (sc != null) { AuditManager auditManager = sc.getAuditManager(); if (auditManager != null) auditManager.audit(ae); else log.trace("Audit Manager obtained from Security Context is null"); } }
map.put(ShellServer.AUDIT_COMMAND_RESPONSE, txMessage); putPrincipal(map, chan.getPrincipal()); securityContext.getAuditManager().audit(new AuditEvent(AuditLevel.INFO, map));
AuditManager auditManager = context.getAuditManager(); if (auditManager != null) { audit(authenticated ? AuditLevel.SUCCESS : AuditLevel.FAILURE, auditManager, auditPrincipal);
AuditManager auditManager = context.getAuditManager(); if (auditManager != null) { audit(authenticated ? AuditLevel.SUCCESS : AuditLevel.FAILURE, auditManager, auditPrincipal);
AuditManager auditManager = context.getAuditManager(); if (auditManager != null) { audit(authenticated ? AuditLevel.SUCCESS : AuditLevel.FAILURE, auditManager, auditPrincipal);
map.put(AUDIT_MESSAGE, "logout success"); putPrincipal(map, chan.getPrincipal()); this.securityContext.getAuditManager().audit(new AuditEvent(AuditLevel.SUCCESS, map)); map.put(AUDIT_MESSAGE, "login success"); putPrincipal(map, chan.getPrincipal()); this.securityContext.getAuditManager() .audit(new AuditEvent(AuditLevel.SUCCESS, map)); map.put(AUDIT_COMMAND_RESPONSE, "Invalid command"); putPrincipal(map, chan.getPrincipal()); this.securityContext.getAuditManager().audit(new AuditEvent(AuditLevel.INFO, map));