diff options
author | Endi S. Dewata <edewata@redhat.com> | 2017-06-21 00:48:39 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-06-24 00:04:03 +0200 |
commit | db84bffad64dd4b9a9d684255794719ae13d677f (patch) | |
tree | ae053e4062ce95d7a890e0817b473f381dbce13d /base/server/cms/src/com/netscape/cms/servlet/processors | |
parent | 5b2d619e9fdd3d020edda96196cac4e70a27fd6e (diff) | |
download | pki-db84bffad64dd4b9a9d684255794719ae13d677f.tar.gz pki-db84bffad64dd4b9a9d684255794719ae13d677f.tar.xz pki-db84bffad64dd4b9a9d684255794719ae13d677f.zip |
Refactored signed audit logger.
Signed audit logger creation has been simplified into:
Logger signedAuditLogger = SignedAuditLogger.getLogger();
The null checks on signed audit logger have been removed since
it cannot be null. Audit messages can be logged as follows:
signedAuditLogger.log(message);
https://pagure.io/dogtagpki/issue/2689
Change-Id: I3bf781b0194a6cbb166f71751c098d1c2a3a657a
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/processors')
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java | 34 | ||||
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/processors/PKIProcessor.java | 23 |
2 files changed, 10 insertions, 47 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java index bc5b9b5a1..79bd7c4c6 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java +++ b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java @@ -68,6 +68,8 @@ import com.netscape.certsrv.usrgrp.ICertUserLocator; import com.netscape.certsrv.usrgrp.IGroup; import com.netscape.certsrv.usrgrp.IUGSubsystem; import com.netscape.certsrv.util.IStatsSubsystem; +import com.netscape.cms.logging.Logger; +import com.netscape.cms.logging.SignedAuditLogger; import com.netscape.cms.servlet.common.AuthCredentials; import com.netscape.cms.servlet.common.CMSGateway; import com.netscape.cms.servlet.common.ServletUtils; @@ -76,6 +78,8 @@ import netscape.security.x509.X509CertImpl; public class CAProcessor extends Processor { + private static Logger signedAuditLogger = SignedAuditLogger.getLogger(); + public final static String ARG_REQUEST_OWNER = "requestOwner"; public final static String HDR_LANG = "accept-language"; public final static String ARG_PROFILE = "profile"; @@ -137,7 +141,6 @@ public class CAProcessor extends Processor { //logging and stats - protected ILogger signedAuditLogger = CMS.getSignedAuditLogger(); protected LinkedHashSet<String> statEvents = new LinkedHashSet<String>(); public CAProcessor(String id, Locale locale) throws EPropertyNotFound, EBaseException { @@ -885,18 +888,7 @@ public class CAProcessor extends Processor { * AUDIT FUNCTIONS (to be moved to Auditor?) ******************************************/ protected void audit(String msg) { - // in this case, do NOT strip preceding/trailing whitespace - // from passed-in String parameters - - if (signedAuditLogger == null) { - return; - } - - signedAuditLogger.log(ILogger.EV_SIGNED_AUDIT, - null, - ILogger.S_SIGNED_AUDIT, - ILogger.LL_SECURITY, - msg); + signedAuditLogger.log(msg); } protected void audit(AuditEvent event) { @@ -920,10 +912,6 @@ public class CAProcessor extends Processor { * @return id string containing the signed audit log message RequesterID */ protected String auditRequesterID(IRequest request) { - // if no signed audit object exists, bail - if (signedAuditLogger == null) { - return null; - } String requesterID = ILogger.UNIDENTIFIED; @@ -940,10 +928,6 @@ public class CAProcessor extends Processor { } protected String auditSubjectID() { - // if no signed audit object exists, bail - if (signedAuditLogger == null) { - return null; - } CMS.debug("CMSServlet: in auditSubjectID"); String subjectID = null; @@ -970,10 +954,6 @@ public class CAProcessor extends Processor { } protected String auditGroupID() { - // if no signed audit object exists, bail - if (signedAuditLogger == null) { - return null; - } CMS.debug("CMSServlet: in auditGroupID"); String groupID = null; @@ -1011,10 +991,6 @@ public class CAProcessor extends Processor { * with the "auditSubjectID()" */ protected String auditGroups(String SubjectID) { - // if no signed audit object exists, bail - if (signedAuditLogger == null) { - return null; - } if ((SubjectID == null) || (SubjectID.equals(ILogger.UNIDENTIFIED))) { diff --git a/base/server/cms/src/com/netscape/cms/servlet/processors/PKIProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/processors/PKIProcessor.java index e60c30a27..fb4389528 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/processors/PKIProcessor.java +++ b/base/server/cms/src/com/netscape/cms/servlet/processors/PKIProcessor.java @@ -34,6 +34,8 @@ import com.netscape.certsrv.logging.AuditEvent; import com.netscape.certsrv.logging.ILogger; import com.netscape.certsrv.logging.LogCategory; import com.netscape.certsrv.request.IRequest; +import com.netscape.cms.logging.Logger; +import com.netscape.cms.logging.SignedAuditLogger; import com.netscape.cms.servlet.base.CMSServlet; import com.netscape.cms.servlet.common.ECMSGWException; @@ -50,6 +52,8 @@ import netscape.security.x509.X509CertInfo; */ public class PKIProcessor implements IPKIProcessor { + private static Logger signedAuditLogger = SignedAuditLogger.getLogger(); + public final static String ADMIN_ENROLL_SERVLET_ID = "caadminEnroll"; public static final String SUBJECT_NAME = "subject"; public static final String OLD_CERT_TYPE = "csrCertType"; @@ -63,8 +67,6 @@ public class PKIProcessor implements IPKIProcessor { protected String mServletId = null; protected CMSServlet mServlet = null; - protected ILogger mSignedAuditLogger = CMS.getSignedAuditLogger(); - public PKIProcessor() { } @@ -304,18 +306,7 @@ public class PKIProcessor implements IPKIProcessor { * @param msg signed audit log message */ protected void audit(String msg) { - // in this case, do NOT strip preceding/trailing whitespace - // from passed-in String parameters - - if (mSignedAuditLogger == null) { - return; - } - - mSignedAuditLogger.log(ILogger.EV_SIGNED_AUDIT, - null, - ILogger.S_SIGNED_AUDIT, - ILogger.LL_SECURITY, - msg); + signedAuditLogger.log(msg); } protected void audit(AuditEvent event) { @@ -339,10 +330,6 @@ public class PKIProcessor implements IPKIProcessor { * @return id string containing the signed audit log message SubjectID */ protected String auditSubjectID() { - // if no signed audit object exists, bail - if (mSignedAuditLogger == null) { - return null; - } String subjectID = null; |