Class AuditEngineProperties
- All Implemented Interfaces:
Serializable
AuditEngineProperties
.- Since:
- 5.0.0
- See Also:
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic enum
The audit format types. -
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionint
Abbreviate fields and entries in the audit logs where possible by the given length.Request header to use to identify the client address.Request header to use identify the server address.Application code to use in the audit logs.The audit format to use in the logs.Indicate a list of supported audit actions that should be excluded, filtered and ignored by CAS audit managers.Collection of HTTP headers that could be extracted from the request and tracked by the underlying audit engine and storage.int
Retrieve audit records from storage, starting from now and going back the indicated number of days in history.Indicate a list of supported audit actions that should be recognized, processed and recorded by CAS audit managers.boolean
Whether auditing functionality should be enabled.boolean
Indicates whether catastrophic audit failures should be logged or whether errors should bubble up and thrown back.boolean
Whether ticket validation events in the audit log should include information about the assertion that is validated; things such as the principal id and attributes released.boolean
Determines whether a local DNS lookup should be made to query for the CAS server address.setAbbreviationLength
(int abbreviationLength) Abbreviate fields and entries in the audit logs where possible by the given length.setAlternateClientAddrHeaderName
(String alternateClientAddrHeaderName) Request header to use to identify the client address.setAlternateServerAddrHeaderName
(String alternateServerAddrHeaderName) Request header to use identify the server address.setAppCode
(String appCode) Application code to use in the audit logs.setAuditFormat
(AuditEngineProperties.AuditFormatTypes auditFormat) The audit format to use in the logs.setEnabled
(boolean enabled) Whether auditing functionality should be enabled.setExcludedActions
(List<String> excludedActions) Indicate a list of supported audit actions that should be excluded, filtered and ignored by CAS audit managers.setHttpRequestHeaders
(List<String> httpRequestHeaders) Collection of HTTP headers that could be extracted from the request and tracked by the underlying audit engine and storage.setIgnoreAuditFailures
(boolean ignoreAuditFailures) Indicates whether catastrophic audit failures should be logged or whether errors should bubble up and thrown back.setIncludeValidationAssertion
(boolean includeValidationAssertion) Whether ticket validation events in the audit log should include information about the assertion that is validated; things such as the principal id and attributes released.setNumberOfDaysInHistory
(int numberOfDaysInHistory) Retrieve audit records from storage, starting from now and going back the indicated number of days in history.setSupportedActions
(List<String> supportedActions) Indicate a list of supported audit actions that should be recognized, processed and recorded by CAS audit managers.setUseServerHostAddress
(boolean useServerHostAddress) Determines whether a local DNS lookup should be made to query for the CAS server address.
-
Constructor Details
-
AuditEngineProperties
public AuditEngineProperties()
-
-
Method Details
-
isEnabled
public boolean isEnabled()Whether auditing functionality should be enabled. -
getNumberOfDaysInHistory
public int getNumberOfDaysInHistory()Retrieve audit records from storage, starting from now and going back the indicated number of days in history. -
isIncludeValidationAssertion
public boolean isIncludeValidationAssertion()Whether ticket validation events in the audit log should include information about the assertion that is validated; things such as the principal id and attributes released. -
getAppCode
Application code to use in the audit logs.This is a unique code that acts as the identifier for the application. In case audit logs are aggregated in a central location. This makes it easy to identify the application and filter results based on the code.
-
getAlternateServerAddrHeaderName
Request header to use identify the server address. -
getAlternateClientAddrHeaderName
Request header to use to identify the client address.If the application is sitting behind a load balancer, the client address typically ends up being the load balancer address itself. A common example for a header here would be
X-Forwarded-For
to glean the client address from the request, assuming the load balancer is configured correctly to pass that header along. -
isUseServerHostAddress
public boolean isUseServerHostAddress()Determines whether a local DNS lookup should be made to query for the CAS server address.By default, the server is address is determined from the request. Aside from special headers, this option allows one to query DNS to look up the server address of the CAS server processing requests.
-
isIgnoreAuditFailures
public boolean isIgnoreAuditFailures()Indicates whether catastrophic audit failures should be logged or whether errors should bubble up and thrown back. -
getHttpRequestHeaders
Collection of HTTP headers that could be extracted from the request and tracked by the underlying audit engine and storage. By default, all request headers are tracked and stored. -
getSupportedActions
Indicate a list of supported audit actions that should be recognized, processed and recorded by CAS audit managers. Each supported action can be treated as a regular expression to match against built-in CAS actions. -
getExcludedActions
Indicate a list of supported audit actions that should be excluded, filtered and ignored by CAS audit managers. Each supported action can be treated as a regular expression to match against built-in CAS actions. -
getAuditFormat
The audit format to use in the logs. -
getAbbreviationLength
public int getAbbreviationLength()Abbreviate fields and entries in the audit logs where possible by the given length. This typically is applied to long service URLs that are captured in audit logs. Negative/Zero values disable the abbreviation altogether. -
setEnabled
Whether auditing functionality should be enabled.- Returns:
this
.
-
setNumberOfDaysInHistory
Retrieve audit records from storage, starting from now and going back the indicated number of days in history.- Returns:
this
.
-
setIncludeValidationAssertion
Whether ticket validation events in the audit log should include information about the assertion that is validated; things such as the principal id and attributes released.- Returns:
this
.
-
setAppCode
Application code to use in the audit logs.This is a unique code that acts as the identifier for the application. In case audit logs are aggregated in a central location. This makes it easy to identify the application and filter results based on the code.
- Returns:
this
.
-
setAlternateServerAddrHeaderName
Request header to use identify the server address.- Returns:
this
.
-
setAlternateClientAddrHeaderName
Request header to use to identify the client address.If the application is sitting behind a load balancer, the client address typically ends up being the load balancer address itself. A common example for a header here would be
X-Forwarded-For
to glean the client address from the request, assuming the load balancer is configured correctly to pass that header along.- Returns:
this
.
-
setUseServerHostAddress
Determines whether a local DNS lookup should be made to query for the CAS server address.By default, the server is address is determined from the request. Aside from special headers, this option allows one to query DNS to look up the server address of the CAS server processing requests.
- Returns:
this
.
-
setIgnoreAuditFailures
Indicates whether catastrophic audit failures should be logged or whether errors should bubble up and thrown back.- Returns:
this
.
-
setHttpRequestHeaders
Collection of HTTP headers that could be extracted from the request and tracked by the underlying audit engine and storage. By default, all request headers are tracked and stored.- Returns:
this
.
-
setSupportedActions
Indicate a list of supported audit actions that should be recognized, processed and recorded by CAS audit managers. Each supported action can be treated as a regular expression to match against built-in CAS actions.- Returns:
this
.
-
setExcludedActions
Indicate a list of supported audit actions that should be excluded, filtered and ignored by CAS audit managers. Each supported action can be treated as a regular expression to match against built-in CAS actions.- Returns:
this
.
-
setAuditFormat
The audit format to use in the logs.- Returns:
this
.
-
setAbbreviationLength
Abbreviate fields and entries in the audit logs where possible by the given length. This typically is applied to long service URLs that are captured in audit logs. Negative/Zero values disable the abbreviation altogether.- Returns:
this
.
-