[jboss-cvs] Picketbox SVN: r360 - trunk/security-spi/spi/src/main/java/org/jboss/security/javaee.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Nov 28 11:39:18 EST 2012
Author: pskopek at redhat.com
Date: 2012-11-28 11:39:18 -0500 (Wed, 28 Nov 2012)
New Revision: 360
Modified:
trunk/security-spi/spi/src/main/java/org/jboss/security/javaee/AbstractJavaEEHelper.java
trunk/security-spi/spi/src/main/java/org/jboss/security/javaee/EJBAuthenticationHelper.java
Log:
[AS7-2115] Security audit log data changes to be more consistent.
Modified: trunk/security-spi/spi/src/main/java/org/jboss/security/javaee/AbstractJavaEEHelper.java
===================================================================
--- trunk/security-spi/spi/src/main/java/org/jboss/security/javaee/AbstractJavaEEHelper.java 2012-11-15 13:34:32 UTC (rev 359)
+++ trunk/security-spi/spi/src/main/java/org/jboss/security/javaee/AbstractJavaEEHelper.java 2012-11-28 16:39:18 UTC (rev 360)
@@ -30,7 +30,9 @@
import org.jboss.security.PicketBoxMessages;
import org.jboss.security.SecurityContext;
import org.jboss.security.audit.AuditEvent;
+import org.jboss.security.audit.AuditLevel;
import org.jboss.security.audit.AuditManager;
+import org.jboss.security.authorization.AuthorizationException;
import org.jboss.security.authorization.PolicyRegistration;
import org.jboss.security.authorization.Resource;
@@ -93,16 +95,33 @@
{
if(securityContext.getAuditManager() == null)
return;
- //Authorization Exception stacktrace is huge. Scale it down
- //as the original stack trace can be seen in server.log (if needed)
- String exceptionMessage = e != null ? e.getLocalizedMessage() : "";
Map<String,Object> auditContextMap = new HashMap<String,Object>();
auditContextMap.putAll(resource.getMap());
auditContextMap.put("Resource:", resource.toString());
- auditContextMap.put("Exception:", exceptionMessage);
- audit(level,auditContextMap,null);
+ auditContextMap.put("Action", "authorization");
+ if (e != null) {
+ //Authorization Exception stacktrace is huge. Scale it down
+ //as the original stack trace can be seen in server.log (if needed)
+ String exceptionMessage = e != null ? e.getLocalizedMessage() : "";
+ auditContextMap.put("Exception:", exceptionMessage);
+ }
+ if (e instanceof AuthorizationException) {
+ // changing level of audit, since in case of AuthorizationException it is FAILURE
+ audit(AuditLevel.FAILURE, auditContextMap, null);
+ }
+ else {
+ audit(level, auditContextMap, null);
+ }
}
+ protected void authenticationAudit(String level, Map<String,Object> contextMap, Exception e)
+ {
+ if (contextMap != null) {
+ contextMap.put("Action", "authentication");
+ }
+ audit(level, contextMap, e);
+ }
+
protected void audit(String level,
Map<String,Object> contextMap, Exception e)
{
Modified: trunk/security-spi/spi/src/main/java/org/jboss/security/javaee/EJBAuthenticationHelper.java
===================================================================
--- trunk/security-spi/spi/src/main/java/org/jboss/security/javaee/EJBAuthenticationHelper.java 2012-11-15 13:34:32 UTC (rev 359)
+++ trunk/security-spi/spi/src/main/java/org/jboss/security/javaee/EJBAuthenticationHelper.java 2012-11-28 16:39:18 UTC (rev 360)
@@ -91,15 +91,18 @@
// Check for the security association exception
String EX_KEY = "org.jboss.security.exception";
Exception ex = (Exception) securityContext.getData().get(EX_KEY);
- audit(AuditLevel.ERROR, cMap ,ex);
if(ex == null)
{
- audit(AuditLevel.FAILURE,cMap,null);
+ authenticationAudit(AuditLevel.FAILURE,cMap,null);
}
+ else
+ {
+ authenticationAudit(AuditLevel.ERROR, cMap ,ex);
+ }
}
else
{
- audit(AuditLevel.SUCCESS,cMap,null);
+ authenticationAudit(AuditLevel.SUCCESS,cMap,null);
}
return auth;
}
More information about the jboss-cvs-commits
mailing list