public class AuditMgrImpl extends Manageable implements AuditMgr, Serializable
Bind
, authorization
AuthZ
and modification
Mod
events as they occur automatically on the server when audit is
enabled.
All events include Fortress context, see FortEntity
.
UserAudit
List<Bind
>
AuditMgr.searchBinds(org.apache.directory.fortress.core.model.UserAudit)
List<Bind
>
AuditMgr.searchInvalidUsers(org.apache.directory.fortress.core.model.UserAudit)
List<AuthZ
>
AuditMgr.getUserAuthZs(org.apache.directory.fortress.core.model.UserAudit)
List<AuthZ
>
AuditMgr.searchAuthZs(org.apache.directory.fortress.core.model.UserAudit)
List<Mod
>
AuditMgr.searchUserSessions(org.apache.directory.fortress.core.model.UserAudit)
List<Mod
>
AuditMgr.searchAdminMods(org.apache.directory.fortress.core.model.UserAudit)
This class is NOT thread safe if parent instance variables (Manageable.contextId
or Manageable.adminSess
) are set.
adminSess, contextId
Constructor and Description |
---|
AuditMgrImpl() |
Modifier and Type | Method and Description |
---|---|
List<AuthZ> |
getUserAuthZs(UserAudit uAudit)
This method returns a list of authorization events for a particular user
UserAudit.userId
and given timestamp field UserAudit.beginDate .Method also can discriminate between all events or failed only by setting UserAudit.failedOnly . |
List<Mod> |
searchAdminMods(UserAudit uAudit)
This method returns a list of admin operations events for a particular entity
UserAudit.dn ,
object UserAudit.objName and timestamp UserAudit.beginDate . |
List<AuthZ> |
searchAuthZs(UserAudit uAudit)
This method returns a list of authorization events for a particular user
UserAudit.userId ,
object UserAudit.objName , and given timestamp field
UserAudit.beginDate .Method also can discriminate between all events or failed only by setting flag UserAudit.failedOnly .. |
List<Bind> |
searchBinds(UserAudit uAudit)
This method returns a list of authentication audit events for a particular user
UserAudit.userId ,
and given timestamp field UserAudit.beginDate . |
List<AuthZ> |
searchInvalidUsers(UserAudit uAudit)
This method returns a list of failed authentication attempts on behalf of an invalid identity
UserAudit.userId , and given timestamp UserAudit.beginDate . |
List<Mod> |
searchUserSessions(UserAudit uAudit)
This method returns a list of sessions created for a given user
UserAudit.userId ,
and timestamp UserAudit.beginDate . |
assertContext, assertContext, checkAccess, getFullMethodName, setAdmin, setAdminData, setContextId, setEntitySession
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
setAdmin, setContextId
public List<AuthZ> getUserAuthZs(UserAudit uAudit) throws SecurityException
UserAudit.userId
and given timestamp field UserAudit.beginDate
.UserAudit.failedOnly
.
UserAudit.userId
- contains the target userIdUserAudit.beginDate
- contains the date in which to begin searchUserAudit.failedOnly
- if set to 'true', return only failed authorization eventsgetUserAuthZs
in interface AuditMgr
uAudit
- This entity is instantiated and populated before invocation.SecurityException
- if a runtime system error occurs.public List<AuthZ> searchAuthZs(UserAudit uAudit) throws SecurityException
UserAudit.userId
,
object UserAudit.objName
, and given timestamp field
UserAudit.beginDate
.UserAudit.failedOnly
..
UserAudit.userId
- contains the target userIdUserAudit.objName
- contains the object (authorization resource) nameUserAudit.beginDate
- contains the date in which to begin searchUserAudit.failedOnly
- if set to 'true', return only failed authorization eventssearchAuthZs
in interface AuditMgr
uAudit
- This entity is instantiated and populated before invocation.SecurityException
- if a runtime system error occurs.public List<Bind> searchBinds(UserAudit uAudit) throws SecurityException
UserAudit.userId
,
and given timestamp field UserAudit.beginDate
.UserAudit.userId
- contains the target userIdUserAudit.beginDate
- contains the date in which to begin search
UserAudit.failedOnly
- if set to 'true', return only failed authorization eventssearchBinds
in interface AuditMgr
uAudit
- This entity is instantiated and populated before invocation.SecurityException
- if a runtime system error occurs.public List<Mod> searchUserSessions(UserAudit uAudit) throws SecurityException
UserAudit.userId
,
and timestamp UserAudit.beginDate
.UserAudit.userId
- contains the target userIdUserAudit.beginDate
- contains the date in which to begin searchsearchUserSessions
in interface AuditMgr
uAudit
- This entity is instantiated and populated before invocation.SecurityException
- if a runtime system error occurs.public List<Mod> searchAdminMods(UserAudit uAudit) throws SecurityException
UserAudit.dn
,
object UserAudit.objName
and timestamp UserAudit.beginDate
.
If the internal userId UserAudit.internalUserId
is set it will limit
search by that field.
UserAudit.dn
- contains the LDAP distinguished name for the updated object. For example if caller
wants to find out what changes were made to John Doe's user object this would be
'uid=jdoe,ou=People,dc=example,dc=com'
UserAudit.objName
- contains the object (authorization resource) name corresponding to the event. For
example if caller wants to return events where User object was modified, this would be 'updateUser'
UserAudit.internalUserId
- maps to the internalUserId of user
who changed the record in LDAP. This maps to User.internalId
.
UserAudit.beginDate
- contains the date in which to begin searchUserAudit.endDate
- contains the date in which to end searchsearchAdminMods
in interface AuditMgr
uAudit
- This entity is instantiated and populated before invocation.SecurityException
- if a runtime system error occurs.public List<AuthZ> searchInvalidUsers(UserAudit uAudit) throws SecurityException
UserAudit.userId
, and given timestamp UserAudit.beginDate
.
If the UserAudit.failedOnly
is true it will
return only authentication attempts made with invalid userId. This event represents either User incorrectly entering
userId during signon or possible fraudulent logon attempt by hostile agent.
This event is generated when Fortress looks up User record prior to LDAP bind operation.
UserAudit.userId
- contains the target userIdUserAudit.beginDate
- contains the date in which to begin searchUserAudit.failedOnly
- if set to 'true', return only failed authorization eventssearchInvalidUsers
in interface AuditMgr
uAudit
- This entity is instantiated and populated before invocation.SecurityException
- if a runtime system error occurs.Copyright © 2003-2016, The Apache Software Foundation. All Rights Reserved. Generated 20160718-1621