Package com.sun.enterprise.security.ee
Class Audit
- java.lang.Object
-
- com.sun.enterprise.security.BaseAuditModule
-
- com.sun.appserv.security.AuditModule
-
- com.sun.enterprise.security.ee.Audit
-
public class Audit extends AuditModule
Audit support class.This class provides convenience methods for producing audit output. Audit output is logged using the standard iAS logger SECURITYLOGGER. However, audit output is only produced if auditing is active. Auditing is configured in server.xml in the security-service element.
Audit output if logged with Level.WARNING.
Some diagnostic methods are also provided for debugging.
-
-
Field Summary
-
Fields inherited from class com.sun.enterprise.security.BaseAuditModule
props
-
-
Constructor Summary
Constructors Constructor Description Audit()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
authentication(String user, String realm, boolean success)
Invoked post authentication request for a user in a given realmvoid
ejbAsWebServiceInvocation(String endpoint, boolean success)
Invoked during validation of the web service requestvoid
ejbInvocation(String user, String ejb, String method, boolean success)
Invoked post ejb authorization request.void
init(Properties props)
Method is invoked at server startup, during AuditModule initialization.static boolean
isActive()
Check auditing state.void
serverShutdown()
Invoked upon completion of the server shutdownvoid
serverStarted()
Invoked upon completion of the server startupstatic void
showACL(Application app)
Diagnostic method.void
webInvocation(String user, jakarta.servlet.http.HttpServletRequest req, String type, boolean success)
Invoked post web authorization request.void
webServiceInvocation(String uri, String endpoint, boolean success)
Invoked during validation of the web service request
-
-
-
Method Detail
-
isActive
public static boolean isActive()
Check auditing state.
-
init
public void init(Properties props)
Description copied from class:BaseAuditModule
Method is invoked at server startup, during AuditModule initialization. If method returns without any exception then Payara assumes that the module is ready to serve any requests.- Overrides:
init
in classBaseAuditModule
- Parameters:
props
- the properties for the AuditModule. These properties are defined in the domain.xml
-
authentication
public void authentication(String user, String realm, boolean success)
Invoked post authentication request for a user in a given realm- Overrides:
authentication
in classBaseAuditModule
- Parameters:
user
- username for whom the authentication request was maderealm
- the realm name under which the user is authenticated.success
- the status of the authentication
-
webInvocation
public void webInvocation(String user, jakarta.servlet.http.HttpServletRequest req, String type, boolean success)
Invoked post web authorization request.- Overrides:
webInvocation
in classAuditModule
- Parameters:
user
- the username for whom the authorization was performedreq
- the HttpRequest object for the web requesttype
- either hasResourcePermission, hasUserDataPermission or hasRoleRefPermissionsuccess
- the status of the web authorization request
-
ejbInvocation
public void ejbInvocation(String user, String ejb, String method, boolean success)
Invoked post ejb authorization request.- Overrides:
ejbInvocation
in classAuditModule
- Parameters:
user
- the username for whom the authorization was performedejb
- the ejb name for which this authorization was performedmethod
- the method name for which this authorization was performedsuccess
- the status of the ejb authorization request
-
webServiceInvocation
public void webServiceInvocation(String uri, String endpoint, boolean success)
Invoked during validation of the web service request- Overrides:
webServiceInvocation
in classAuditModule
- Parameters:
uri
- The URL representation of the web service endpointendpoint
- The name of the endpoint representationsuccess
- the status of the web service request validation
-
ejbAsWebServiceInvocation
public void ejbAsWebServiceInvocation(String endpoint, boolean success)
Invoked during validation of the web service request- Overrides:
ejbAsWebServiceInvocation
in classAuditModule
- Parameters:
endpoint
- The URL representation of the web service endpointsuccess
- the status of the web service request validation
-
serverStarted
public void serverStarted()
Invoked upon completion of the server startup- Overrides:
serverStarted
in classBaseAuditModule
-
serverShutdown
public void serverShutdown()
Invoked upon completion of the server shutdown- Overrides:
serverShutdown
in classBaseAuditModule
-
showACL
public static void showACL(Application app)
Diagnostic method. Read roles and ACLs from the given Application and dump a somewhat organized summary of what has been set. This can be used to diagnose deployment or runtime deployment errors as well as to help in configuring application descriptors.Implementation is not particularly efficient but this is only called for debugging purposes at startup. All errors are ignored.
- Parameters:
app
- Application object to analyze.
-
-