diff options
author | Endi S. Dewata <edewata@redhat.com> | 2017-04-20 10:07:44 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-04-24 20:40:55 +0200 |
commit | 0de8be3084c4ccf23c2850331f86fc067e7c8383 (patch) | |
tree | 5f69e6ea6cef3e8c7e795d17968df2f9c194d9a3 /base/server/cms/src/com/netscape/cms/servlet/processors | |
parent | ce3304834dbb3e4d001ecbbfc1af61044ae7a74c (diff) | |
download | pki-0de8be3084c4ccf23c2850331f86fc067e7c8383.tar.gz pki-0de8be3084c4ccf23c2850331f86fc067e7c8383.tar.xz pki-0de8be3084c4ccf23c2850331f86fc067e7c8383.zip |
Added AuthFailEvent.
A new AuthFailEvent class of has been added to encapsulate the
AUTH_FAIL events.
https://pagure.io/dogtagpki/issue/2641
Change-Id: I870398f6a56df007c9520e50947a7b3c85baf79b
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/processors')
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java | 27 |
1 files changed, 12 insertions, 15 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java index 93d6a9a16..a28bee17c 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java +++ b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java @@ -53,6 +53,7 @@ import com.netscape.certsrv.dbs.certdb.ICertRecord; import com.netscape.certsrv.dbs.certdb.ICertificateRepository; import com.netscape.certsrv.logging.AuditEvent; import com.netscape.certsrv.logging.ILogger; +import com.netscape.certsrv.logging.event.AuthFailEvent; import com.netscape.certsrv.logging.event.AuthSuccessEvent; import com.netscape.certsrv.profile.IProfile; import com.netscape.certsrv.profile.IProfileAuthenticator; @@ -474,7 +475,7 @@ public class CAProcessor extends Processor { String authSubjectID = auditSubjectID(); String authMgrID = authenticator.getName(); - String auditMessage = null; + try { if (isRenewal) { authToken = authenticate(authenticator, request, origReq, context, credentials); @@ -486,13 +487,12 @@ public class CAProcessor extends Processor { CMS.debug("CAProcessor: authentication error: " + e); authSubjectID += " : " + uid_cred; - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( authSubjectID, ILogger.FAILURE, authMgrID, - uid_attempted_cred); - audit(auditMessage); + uid_attempted_cred)); throw e; @@ -500,13 +500,12 @@ public class CAProcessor extends Processor { CMS.debug(e); authSubjectID += " : " + uid_cred; - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( authSubjectID, ILogger.FAILURE, authMgrID, - uid_attempted_cred); - audit(auditMessage); + uid_attempted_cred)); throw e; } @@ -565,7 +564,7 @@ public class CAProcessor extends Processor { public IAuthToken authenticate(HttpServletRequest httpReq, String authMgrName) throws EBaseException { - String auditMessage = null; + String auditSubjectID = ILogger.UNIDENTIFIED; String auditAuthMgrID = ILogger.UNIDENTIFIED; String auditUID = ILogger.UNIDENTIFIED; @@ -659,14 +658,12 @@ public class CAProcessor extends Processor { return authToken; } catch (EBaseException eAudit1) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - AuditEvent.AUTH_FAIL, + + audit(new AuthFailEvent( auditSubjectID, ILogger.FAILURE, auditAuthMgrID, - auditUID); - audit(auditMessage); + auditUID)); // rethrow the specific exception to be handled later throw eAudit1; |