Package org.apereo.cas.configuration.model.core.audit

Class AuditEngineProperties

java.lang.Object
org.apereo.cas.configuration.model.core.audit.AuditEngineProperties
All Implemented Interfaces:
Serializable
@RequiresModule(name="cas-server-core-audit", automated=true) public class AuditEngineProperties extends Object implements Serializable
This is AuditEngineProperties.
Since:
5.0.0
See Also:

  • Constructor Details

    • AuditEngineProperties

      public AuditEngineProperties()

  • Method Details

    • isEnabled

      public boolean isEnabled()
      Whether auditing functionality should be enabled.

    • getNumberOfDaysInHistory

      public int getNumberOfDaysInHistory()
      Retrieve audit records from storage, starting from now and going back the indicated number of days in history.

    • isIncludeValidationAssertion

      public boolean isIncludeValidationAssertion()
      Whether ticket validation events in the audit log should include information about the assertion that is validated; things such as the principal id and attributes released.

    • getAppCode

      public String getAppCode()
      Application code to use in the audit logs.

      This is a unique code that acts as the identifier for the application. In case audit logs are aggregated in a central location. This makes it easy to identify the application and filter results based on the code.

    • getAlternateServerAddrHeaderName

      public String getAlternateServerAddrHeaderName()
      Request header to use identify the server address.

    • getAlternateClientAddrHeaderName

      public String getAlternateClientAddrHeaderName()
      Request header to use to identify the client address.

      If the application is sitting behind a load balancer, the client address typically ends up being the load balancer address itself. A common example for a header here would be X-Forwarded-For to glean the client address from the request, assuming the load balancer is configured correctly to pass that header along.

    • isUseServerHostAddress

      public boolean isUseServerHostAddress()
      Determines whether a local DNS lookup should be made to query for the CAS server address.

      By default, the server is address is determined from the request. Aside from special headers, this option allows one to query DNS to look up the server address of the CAS server processing requests.

    • isIgnoreAuditFailures

      public boolean isIgnoreAuditFailures()
      Indicates whether catastrophic audit failures should be logged or whether errors should bubble up and thrown back.

    • getHttpRequestHeaders

      public List<String> getHttpRequestHeaders()
      Collection of HTTP headers that could be extracted from the request and tracked by the underlying audit engine and storage. By default, all request headers are tracked and stored.

    • getSupportedActions

      public List<String> getSupportedActions()
      Indicate a list of supported audit actions that should be recognized, processed and recorded by CAS audit managers. Each supported action can be treated as a regular expression to match against built-in CAS actions.

    • getExcludedActions

      public List<String> getExcludedActions()
      Indicate a list of supported audit actions that should be excluded, filtered and ignored by CAS audit managers. Each supported action can be treated as a regular expression to match against built-in CAS actions.

    • getAuditFormat

      public AuditEngineProperties.AuditFormatTypes getAuditFormat()
      The audit format to use in the logs.

    • getAbbreviationLength

      public int getAbbreviationLength()
      Abbreviate fields and entries in the audit logs where possible by the given length. This typically is applied to long service URLs that are captured in audit logs. Negative/Zero values disable the abbreviation altogether.

    • setEnabled

      public AuditEngineProperties setEnabled(boolean enabled)
      Whether auditing functionality should be enabled.
      Returns:
      this.

    • setNumberOfDaysInHistory

      public AuditEngineProperties setNumberOfDaysInHistory(int numberOfDaysInHistory)
      Retrieve audit records from storage, starting from now and going back the indicated number of days in history.
      Returns:
      this.

    • setIncludeValidationAssertion

      public AuditEngineProperties setIncludeValidationAssertion(boolean includeValidationAssertion)
      Whether ticket validation events in the audit log should include information about the assertion that is validated; things such as the principal id and attributes released.
      Returns:
      this.

    • setAppCode

      public AuditEngineProperties setAppCode(String appCode)
      Application code to use in the audit logs.

      This is a unique code that acts as the identifier for the application. In case audit logs are aggregated in a central location. This makes it easy to identify the application and filter results based on the code.

      Returns:
      this.

    • setAlternateServerAddrHeaderName

      public AuditEngineProperties setAlternateServerAddrHeaderName(String alternateServerAddrHeaderName)
      Request header to use identify the server address.
      Returns:
      this.

    • setAlternateClientAddrHeaderName

      public AuditEngineProperties setAlternateClientAddrHeaderName(String alternateClientAddrHeaderName)
      Request header to use to identify the client address.

      If the application is sitting behind a load balancer, the client address typically ends up being the load balancer address itself. A common example for a header here would be X-Forwarded-For to glean the client address from the request, assuming the load balancer is configured correctly to pass that header along.

      Returns:
      this.

    • setUseServerHostAddress

      public AuditEngineProperties setUseServerHostAddress(boolean useServerHostAddress)
      Determines whether a local DNS lookup should be made to query for the CAS server address.

      By default, the server is address is determined from the request. Aside from special headers, this option allows one to query DNS to look up the server address of the CAS server processing requests.

      Returns:
      this.

    • setIgnoreAuditFailures

      public AuditEngineProperties setIgnoreAuditFailures(boolean ignoreAuditFailures)
      Indicates whether catastrophic audit failures should be logged or whether errors should bubble up and thrown back.
      Returns:
      this.

    • setHttpRequestHeaders

      public AuditEngineProperties setHttpRequestHeaders(List<String> httpRequestHeaders)
      Collection of HTTP headers that could be extracted from the request and tracked by the underlying audit engine and storage. By default, all request headers are tracked and stored.
      Returns:
      this.

    • setSupportedActions

      public AuditEngineProperties setSupportedActions(List<String> supportedActions)
      Indicate a list of supported audit actions that should be recognized, processed and recorded by CAS audit managers. Each supported action can be treated as a regular expression to match against built-in CAS actions.
      Returns:
      this.

    • setExcludedActions

      public AuditEngineProperties setExcludedActions(List<String> excludedActions)
      Indicate a list of supported audit actions that should be excluded, filtered and ignored by CAS audit managers. Each supported action can be treated as a regular expression to match against built-in CAS actions.
      Returns:
      this.

    • setAuditFormat

      public AuditEngineProperties setAuditFormat(AuditEngineProperties.AuditFormatTypes auditFormat)
      The audit format to use in the logs.
      Returns:
      this.

    • setAbbreviationLength

      public AuditEngineProperties setAbbreviationLength(int abbreviationLength)
      Abbreviate fields and entries in the audit logs where possible by the given length. This typically is applied to long service URLs that are captured in audit logs. Negative/Zero values disable the abbreviation altogether.
      Returns:
      this.