001: /*
002: * JOSSO: Java Open Single Sign-On
003: *
004: * Copyright 2004-2008, Atricore, Inc.
005: *
006: * This is free software; you can redistribute it and/or modify it
007: * under the terms of the GNU Lesser General Public License as
008: * published by the Free Software Foundation; either version 2.1 of
009: * the License, or (at your option) any later version.
010: *
011: * This software is distributed in the hope that it will be useful,
012: * but WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * Lesser General Public License for more details.
015: *
016: * You should have received a copy of the GNU Lesser General Public
017: * License along with this software; if not, write to the Free
018: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
019: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
020: */
021: package org.josso.gateway.audit.service;
022:
023: import org.apache.commons.logging.Log;
024: import org.apache.commons.logging.LogFactory;
025: import org.josso.Lookup;
026: import org.josso.gateway.audit.SSOAuditManager;
027: import org.josso.gateway.audit.SSOAuditTrail;
028: import org.josso.gateway.audit.exceptions.SSOAuditException;
029: import org.josso.gateway.audit.service.handler.SSOAuditTrailHandler;
030: import org.josso.gateway.event.BaseSSOEvent;
031: import org.josso.gateway.event.SSOEvent;
032: import org.josso.gateway.event.SSOEventListener;
033: import org.josso.gateway.event.security.SSOIdentityEvent;
034: import org.josso.gateway.event.security.SSOSessionEvent;
035:
036: import java.util.ArrayList;
037: import java.util.Date;
038: import java.util.List;
039: import java.util.Properties;
040:
041: /**
042: * This implementation logs all events using the standard logger.
043: * The logger category is this implementation FQCN.
044: *
045: * Enable/Disable audit using your logger configuration.
046: * Messages are logged with INFO priority.
047: *
048: * @author <a href="mailto:sgonzalez@josso.org">Sebastian Gonzalez Oyuela</a>
049: * @version $Id: SSOAuditManagerImpl.java 508 2008-02-18 13:32:29Z sgonzalez $
050: */
051:
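/**
 * Audit manager that turns SSO events into audit trails and hands each trail
 * to the registered {@link SSOAuditTrailHandler}s.
 *
 * The manager registers itself as an SSO event listener in
 * {@link #initialize()}. Failures while registering or while generating a
 * trail are logged and not propagated, so a missing audit record does not
 * fail the operation that raised the event; the error log of this class is
 * the only place where such a gap shows up.
 */
public class SSOAuditManagerImpl implements SSOAuditManager,
        SSOEventListener {

    private static final Log logger = LogFactory
            .getLog(SSOAuditManagerImpl.class);

    /** Outcome recorded when the event carries no error. */
    public static final String OUTCOME_SUCCESS = "success";

    /** Outcome recorded when the event carries an error. */
    public static final String OUTCOME_FAILURE = "failure";

    private String _name;

    // SSOAuditTrailHandler instances, invoked in the order they were added.
    // NOTE(review): plain ArrayList with no synchronization; presumably all
    // handlers are added during configuration, before events arrive - confirm.
    protected List handlers;

    /**
     * Creates a manager with the default name "SSOAuditManagerImpl".
     */
    public SSOAuditManagerImpl() {
        this("SSOAuditManagerImpl");
    }

    /**
     * Creates a manager with the given name and an empty handler list.
     *
     * @param name the name returned by {@link #getName()}
     */
    public SSOAuditManagerImpl(String name) {
        handlers = new ArrayList();
        // The original assigned the field to itself (this._name = _name),
        // which left the name null for every instance.
        this._name = name;
    }

    /**
     * @return the name given at construction time
     */
    public String getName() {
        return _name;
    }

    /**
     * Looks up the security domain's event manager and registers this
     * manager as a listener.
     *
     * A failure here is only logged. In that case this manager receives no
     * events through the listener registration and produces no audit trails
     * for them, so the error message below is worth alerting on.
     */
    public void initialize() {
        try {
            Lookup.getInstance().lookupSecurityDomain()
                    .getEventManager().registerListener(this);
        } catch (Exception e) {
            logger.error(
                    "Can't get register SSOAuditManager as event listener : "
                            + e.getMessage(), e);
        }
    }

    /**
     * No resources to release in this implementation.
     */
    public void destroy() {

    }

    /**
     * Appends a handler to the end of the processing chain.
     *
     * @param handler the handler to add; must not be null
     */
    public void addHandler(SSOAuditTrailHandler handler) {
        logger.info("Adding handler : " + handler.getClass().getName());
        handlers.add(handler);
    }

    /**
     * Receives SSO events to generate audit trails.
     *
     * Any exception raised while building or processing the trail is logged
     * at ERROR level and swallowed, which means the audit record for that
     * event is lost while the event's originator carries on.
     *
     * @param event the SSO event to audit
     */
    public void handleSSOEvent(SSOEvent event) {
        try {
            SSOAuditTrail auditTrail = buildAuditTrail(event);
            processAuditTrail(auditTrail);
        } catch (Exception e) {
            logger.error("Can't generate audit : " + e.getMessage(), e);
        }

    }

    /**
     * Passes the trail to each registered handler, in registration order,
     * until a handler returns {@link SSOAuditTrailHandler#STOP_PROCESS}.
     * Subclasses may provide more complex functionality.
     *
     * An exception thrown by a handler is not caught here, so the handlers
     * after it do not see the trail.
     *
     * @param trail the audit trail to process
     * @throws SSOAuditException declared for handlers and subclasses
     */
    public void processAuditTrail(SSOAuditTrail trail)
            throws SSOAuditException {

        for (int i = 0; i < handlers.size(); i++) {
            SSOAuditTrailHandler handler = (SSOAuditTrailHandler) handlers
                    .get(i);

            if (handler.handle(trail) == SSOAuditTrailHandler.STOP_PROCESS) {
                if (logger.isDebugEnabled()) {
                    logger.debug("Process interrupted by : " + handler);
                }
                break;
            }
        }

    }

    /**
     * Builds an SSOAuditTrail from an SSOEvent instance.
     *
     * The action is the event type and the time is the moment this method
     * runs. For a BaseSSOEvent the outcome is failure when the event carries
     * an error and success otherwise; for other events it stays null.
     * Identity events get category "sso-user", session events get
     * "sso-session", and both contribute extra properties when present.
     *
     * @param event the event to convert
     * @return the audit trail describing the event
     */
    protected SSOAuditTrail buildAuditTrail(SSOEvent event) {

        String category = null;
        String severity = "info";
        String subject = null;
        String outcome = null;
        Throwable error = null;

        // General SSOEvent handling
        Date time = new Date();
        String action = event.getType();

        if (event instanceof BaseSSOEvent) {
            error = ((BaseSSOEvent) event).getError();
            outcome = error != null ? OUTCOME_FAILURE : OUTCOME_SUCCESS;
        }

        Properties props = new Properties();

        // NOTE(review): subject, remoteHost and data are copied from the event
        // unchanged. Presumably some of them originate from the request (for
        // example the login name) - confirm, and have handlers that write
        // line-oriented logs encode CR/LF before writing.

        if (event instanceof SSOIdentityEvent) {
            // Detailed information for identity events.
            category = "sso-user";

            SSOIdentityEvent ie = (SSOIdentityEvent) event;
            subject = ie.getUsername();

            // Properties.setProperty rejects null values with a
            // NullPointerException, which handleSSOEvent would swallow and
            // the whole trail would be lost. Omit absent values instead.
            if (ie.getRemoteHost() != null) {
                props.setProperty("remoteHost", ie.getRemoteHost());
            }

            if (ie.getScheme() != null) {
                props.setProperty("authScheme", ie.getScheme());
            }

            // NOTE(review): the SSO session id is recorded in full; confirm
            // that whoever can read the handlers' output is also trusted
            // with live session identifiers.
            if (ie.getSessionId() != null) {
                props.setProperty("ssoSessionId", ie.getSessionId());
            }

        } else if (event instanceof SSOSessionEvent) {
            // Detailed information for session events.
            category = "sso-session";

            SSOSessionEvent se = (SSOSessionEvent) event;
            subject = se.getUsername();

            // Same null guard as for identity events: a missing id must not
            // cost the audit record.
            if (se.getSessionId() != null) {
                props.setProperty("ssoSessionId", se.getSessionId());
            }

            // NOTE(review): toString() of arbitrary event data ends up in the
            // trail; confirm it cannot contain credentials or tokens.
            if (se.getData() != null) {
                props.setProperty("data", se.getData().toString());
            }

        }

        return new BaseSSOAuditTrail(category, severity, subject,
                action, outcome, time, props, error);

    }

}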