[Jboss-cvs] JBossAS SVN: r56159 - trunk/tomcat/src/main/org/jboss/web/tomcat/security
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Aug 22 17:34:37 EDT 2006
Author: anil.saldhana at jboss.com
Date: 2006-08-22 17:34:36 -0400 (Tue, 22 Aug 2006)
New Revision: 56159
Added:
trunk/tomcat/src/main/org/jboss/web/tomcat/security/WebUtil.java
Modified:
trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java
Log:
JBAS-2738: Add servlet request audit capability
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java 2006-08-22 20:15:22 UTC (rev 56158)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java 2006-08-22 21:34:36 UTC (rev 56159)
@@ -41,6 +41,7 @@
import javax.security.auth.Subject;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
+import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.Wrapper;
@@ -857,6 +858,18 @@
private void audit(String level,
Map contextMap, Exception e)
{
+ String requestInfo = "";
+ try
+ {
+ HttpServletRequest hsr = (HttpServletRequest)PolicyContext.getContext(SecurityConstants.WEB_REQUEST_KEY);
+ requestInfo = WebUtil.deriveUsefulInfo(hsr);
+ contextMap.put("request", requestInfo);
+ }
+ catch (PolicyContextException pe)
+ {
+ if(trace)
+ log.trace("Error obtaining the servlet request:", pe);
+ }
contextMap.put("Source", getClass().getName());
AuditContext ac = AuditManager.getAuditContext(securityDomain);
AuditEvent ae = new AuditEvent(level);
Added: trunk/tomcat/src/main/org/jboss/web/tomcat/security/WebUtil.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/security/WebUtil.java 2006-08-22 20:15:22 UTC (rev 56158)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/security/WebUtil.java 2006-08-22 21:34:36 UTC (rev 56159)
@@ -0,0 +1,64 @@
+/*
+ * JBoss, the OpenSource J2EE webOS
+ *
+ * Distributable under LGPL license.
+ * See terms of license at gnu.org.
+ */
+package org.jboss.web.tomcat.security;
+
+import java.util.Enumeration;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Provides utility static methods for the web security integration
+ * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @version $Revision$
+ * @since Aug 22, 2006
+ */
+public class WebUtil
+{
+ /**
+ * Obtain debug information from the servlet request object
+ * @param httpRequest
+ * @return
+ */
+ public static String deriveUsefulInfo(HttpServletRequest httpRequest)
+ {
+ StringBuilder sb = new StringBuilder();
+ sb.append("[").append(httpRequest.getContextPath());
+ sb.append(":cookies=").append(httpRequest.getCookies()).append(":headers=");
+ //Append Header information
+ Enumeration en = httpRequest.getHeaderNames();
+ for(;en.hasMoreElements();)
+ {
+ String headerName = (String)en.nextElement();
+ sb.append(headerName).append("=");
+ sb.append(httpRequest.getHeader(headerName)).append(",");
+ }
+ sb.append("]");
+ //Append Request parameter information
+ sb.append("[parameters=");
+ Enumeration enparam = httpRequest.getParameterNames();
+ for(;enparam.hasMoreElements();)
+ {
+ String paramName = (String)enparam.nextElement();
+ String[] paramValues = httpRequest.getParameterValues(paramName);
+ int len = paramValues != null ? paramValues.length : 0;
+ for(int i = 0 ; i < len ; i++)
+ sb.append(paramValues[i]).append("::");
+ sb.append(",");
+ }
+ sb.append("][attributes=");
+ //Append Request attribute information
+ Enumeration enu = httpRequest.getAttributeNames();
+ for(;enu.hasMoreElements();)
+ {
+ String attrName = (String)enu.nextElement();
+ sb.append(attrName).append("=");
+ sb.append(httpRequest.getAttribute(attrName)).append(",");
+ }
+ sb.append("]");
+ return sb.toString();
+ }
+}
More information about the jboss-cvs-commits
mailing list