diff options
author | Endi S. Dewata <edewata@redhat.com> | 2017-04-20 10:07:44 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-04-24 20:40:55 +0200 |
commit | 0de8be3084c4ccf23c2850331f86fc067e7c8383 (patch) | |
tree | 5f69e6ea6cef3e8c7e795d17968df2f9c194d9a3 /base/server/cms/src/com/netscape/cms/servlet/admin | |
parent | ce3304834dbb3e4d001ecbbfc1af61044ae7a74c (diff) | |
download | pki-0de8be3084c4ccf23c2850331f86fc067e7c8383.tar.gz pki-0de8be3084c4ccf23c2850331f86fc067e7c8383.tar.xz pki-0de8be3084c4ccf23c2850331f86fc067e7c8383.zip |
Added AuthFailEvent.
A new AuthFailEvent class of has been added to encapsulate the
AUTH_FAIL events.
https://pagure.io/dogtagpki/issue/2641
Change-Id: I870398f6a56df007c9520e50947a7b3c85baf79b
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/admin')
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/admin/AdminServlet.java | 96 |
1 files changed, 34 insertions, 62 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/admin/AdminServlet.java b/base/server/cms/src/com/netscape/cms/servlet/admin/AdminServlet.java index d530f6a84..a715c73f6 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/admin/AdminServlet.java +++ b/base/server/cms/src/com/netscape/cms/servlet/admin/AdminServlet.java @@ -52,6 +52,7 @@ import com.netscape.certsrv.common.NameValuePairs; import com.netscape.certsrv.logging.AuditEvent; import com.netscape.certsrv.logging.IAuditor; import com.netscape.certsrv.logging.ILogger; +import com.netscape.certsrv.logging.event.AuthFailEvent; import com.netscape.certsrv.logging.event.AuthSuccessEvent; import com.netscape.certsrv.usrgrp.EUsrGrpException; import com.netscape.certsrv.usrgrp.IUGSubsystem; @@ -274,7 +275,6 @@ public class AdminServlet extends HttpServlet { protected void authenticate(HttpServletRequest req) throws IOException { - String auditMessage = null; String auditUID = ILogger.UNIDENTIFIED; String authType = ""; @@ -297,15 +297,12 @@ public class AdminServlet extends HttpServlet { (X509Certificate[]) req.getAttribute(CERT_ATTR); if (allCerts == null || allCerts.length == 0) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( ILogger.UNIDENTIFIED, ILogger.FAILURE, CERTUSERDB, - auditUID); - - audit(auditMessage); + auditUID)); throw new IOException("No certificate"); } @@ -389,25 +386,20 @@ public class AdminServlet extends HttpServlet { */ if (authType.equals("sslclientauth")) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( ILogger.UNIDENTIFIED, ILogger.FAILURE, CERTUSERDB, - auditUID); + auditUID)); - audit(auditMessage); } else { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( ILogger.UNIDENTIFIED, ILogger.FAILURE, PASSWDUSERDB, - auditUID); - - audit(auditMessage); + auditUID)); } throw new IOException("authentication failed"); @@ -423,25 +415,20 @@ public class AdminServlet extends HttpServlet { tuserid)); if (authType.equals("sslclientauth")) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( ILogger.UNIDENTIFIED, ILogger.FAILURE, CERTUSERDB, - auditUID); + auditUID)); - audit(auditMessage); } else { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( ILogger.UNIDENTIFIED, ILogger.FAILURE, PASSWDUSERDB, - auditUID); - - audit(auditMessage); + auditUID)); } throw new IOException("authentication failed"); @@ -459,25 +446,20 @@ public class AdminServlet extends HttpServlet { tuserid)); if (authType.equals("sslclientauth")) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( ILogger.UNIDENTIFIED, ILogger.FAILURE, CERTUSERDB, - auditUID); + auditUID)); - audit(auditMessage); } else { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( ILogger.UNIDENTIFIED, ILogger.FAILURE, PASSWDUSERDB, - auditUID); - - audit(auditMessage); + auditUID)); } throw new IOException("authentication failed"); @@ -495,25 +477,20 @@ public class AdminServlet extends HttpServlet { CMS.getLogMessage("ADMIN_SRVLT_USR_GRP_ERR", e.toString())); if (authType.equals("sslclientauth")) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( ILogger.UNIDENTIFIED, ILogger.FAILURE, CERTUSERDB, - auditUID); + auditUID)); - audit(auditMessage); } else { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( ILogger.UNIDENTIFIED, ILogger.FAILURE, PASSWDUSERDB, - auditUID); - - audit(auditMessage); + auditUID)); } throw new IOException("authentication failed"); @@ -539,25 +516,20 @@ public class AdminServlet extends HttpServlet { } } catch (IOException eAudit1) { if (authType.equals("sslclientauth")) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( ILogger.UNIDENTIFIED, ILogger.FAILURE, CERTUSERDB, - auditUID); + auditUID)); - audit(auditMessage); } else { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( ILogger.UNIDENTIFIED, ILogger.FAILURE, PASSWDUSERDB, - auditUID); - - audit(auditMessage); + auditUID)); } // rethrow the specific exception to be handled later |