diff options
| author | Ade Lee <alee@redhat.com> | 2017-05-18 16:05:07 -0400 |
|---|---|---|
| committer | Ade Lee <alee@redhat.com> | 2017-05-23 15:24:51 -0400 |
| commit | 3027b565320c96857b7f7fdffed9a5fbec084bab (patch) | |
| tree | 74c30c536bdc148cc55ebb20e86c419563584dea /base/common/src/com | |
| parent | 8016ed7972d9211e7f0db14e45bc9658a7b292ef (diff) | |
| download | pki-3027b565320c96857b7f7fdffed9a5fbec084bab.tar.gz pki-3027b565320c96857b7f7fdffed9a5fbec084bab.tar.xz pki-3027b565320c96857b7f7fdffed9a5fbec084bab.zip | |
Fix auditing in retrieveKey
The auditing in retrieveKey is all messed up.
* Added new audit event to track accesses to KeyInfo queries.
They may produce a lot of events, especially if events are
generated for every listing of data. By default, this event
may be turned off.
* Added audit events for generation and processing of key
recovery requests.
Change-Id: Icb695e712bdfadf0a80903aa52bd00b9d4883182
Diffstat (limited to 'base/common/src/com')
| -rw-r--r-- | base/common/src/com/netscape/certsrv/logging/event/SecurityDataInfoEvent.java | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/base/common/src/com/netscape/certsrv/logging/event/SecurityDataInfoEvent.java b/base/common/src/com/netscape/certsrv/logging/event/SecurityDataInfoEvent.java new file mode 100644 index 000000000..82c049e3b --- /dev/null +++ b/base/common/src/com/netscape/certsrv/logging/event/SecurityDataInfoEvent.java @@ -0,0 +1,49 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2017 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.logging.event; + +import com.netscape.certsrv.dbs.keydb.KeyId; +import com.netscape.certsrv.logging.AuditEvent; + +public class SecurityDataInfoEvent extends AuditEvent { + + private static final long serialVersionUID = 1L; + + private static final String LOGGING_PROPERTY = + "LOGGING_SIGNED_AUDIT_SECURITY_DATA_INFO"; + + public SecurityDataInfoEvent( + String subjectID, + String outcome, + KeyId keyID, + String clientKeyID, + String failureReason, + String pubKey) { + + super(LOGGING_PROPERTY); + + setParameters(new Object[] { + subjectID, + outcome, + keyID, + clientKeyID, + failureReason, + pubKey + }); + } +}
\ No newline at end of file |