summaryrefslogtreecommitdiffstats
path: root/base/server/cms/src/com
diff options
context:
space:
mode:
authorEndi S. Dewata <edewata@redhat.com>2017-04-20 16:49:28 +0200
committerEndi S. Dewata <edewata@redhat.com>2017-04-24 20:41:19 +0200
commit30d1575046065dbd79f537e5f819c405e45af0bc (patch)
tree3043907073e9e092763cf5fa8570b485d24dde28 /base/server/cms/src/com
parentfdcb514b0711f10eab47c81837138192207e44b4 (diff)
Added AuthzFailEvent.
A new AuthzFailEvent class of has been added to encapsulate the AUTHZ_FAIL events. https://pagure.io/dogtagpki/issue/2641 Change-Id: Id4ab9bd889a1a9314264c0ef2ff7b2389aed8f9c
Diffstat (limited to 'base/server/cms/src/com')
-rw-r--r--base/server/cms/src/com/netscape/cms/servlet/admin/AdminServlet.java26
-rw-r--r--base/server/cms/src/com/netscape/cms/servlet/base/CMSServlet.java44
-rw-r--r--base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java35
3 files changed, 37 insertions, 68 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/admin/AdminServlet.java b/base/server/cms/src/com/netscape/cms/servlet/admin/AdminServlet.java
index adf942422..ecc6a7d7d 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/admin/AdminServlet.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/admin/AdminServlet.java
@@ -54,6 +54,7 @@ import com.netscape.certsrv.logging.IAuditor;
import com.netscape.certsrv.logging.ILogger;
import com.netscape.certsrv.logging.event.AuthFailEvent;
import com.netscape.certsrv.logging.event.AuthSuccessEvent;
+import com.netscape.certsrv.logging.event.AuthzFailEvent;
import com.netscape.certsrv.logging.event.AuthzSuccessEvent;
import com.netscape.certsrv.usrgrp.EUsrGrpException;
import com.netscape.certsrv.usrgrp.IUGSubsystem;
@@ -611,15 +612,11 @@ public class AdminServlet extends HttpServlet {
} catch (EAuthzAccessDenied e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.AUTHZ_FAIL,
+ audit(new AuthzFailEvent(
auditSubjectID,
ILogger.FAILURE,
auditACLResource,
- auditOperation);
-
- audit(auditMessage);
+ auditOperation));
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
@@ -634,15 +631,11 @@ public class AdminServlet extends HttpServlet {
} catch (EBaseException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.AUTHZ_FAIL,
+ audit(new AuthzFailEvent(
auditSubjectID,
ILogger.FAILURE,
auditACLResource,
- auditOperation);
-
- audit(auditMessage);
+ auditOperation));
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
@@ -655,15 +648,12 @@ public class AdminServlet extends HttpServlet {
return null;
} catch (Exception e) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.AUTHZ_FAIL,
+
+ audit(new AuthzFailEvent(
auditSubjectID,
ILogger.FAILURE,
auditACLResource,
- auditOperation);
-
- audit(auditMessage);
+ auditOperation));
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
diff --git a/base/server/cms/src/com/netscape/cms/servlet/base/CMSServlet.java b/base/server/cms/src/com/netscape/cms/servlet/base/CMSServlet.java
index c70f55ae6..afb109a68 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/base/CMSServlet.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/base/CMSServlet.java
@@ -68,6 +68,7 @@ import com.netscape.certsrv.logging.AuditEvent;
import com.netscape.certsrv.logging.ILogger;
import com.netscape.certsrv.logging.event.AuthFailEvent;
import com.netscape.certsrv.logging.event.AuthSuccessEvent;
+import com.netscape.certsrv.logging.event.AuthzFailEvent;
import com.netscape.certsrv.logging.event.AuthzSuccessEvent;
import com.netscape.certsrv.ra.IRegistrationAuthority;
import com.netscape.certsrv.request.IRequest;
@@ -1839,14 +1840,12 @@ public abstract class CMSServlet extends HttpServlet {
audit(auditMessage);
} else {
- auditMessage = CMS.getLogMessage(
- AuditEvent.AUTHZ_FAIL,
+
+ audit(new AuthzFailEvent(
auditSubjectID,
ILogger.FAILURE,
auditACLResource,
- auditOperation);
-
- audit(auditMessage);
+ auditOperation));
auditMessage = CMS.getLogMessage(
AuditEvent.ROLE_ASSUME,
@@ -1858,14 +1857,12 @@ public abstract class CMSServlet extends HttpServlet {
}
return authzToken;
} catch (Exception e) {
- auditMessage = CMS.getLogMessage(
- AuditEvent.AUTHZ_FAIL,
+
+ audit(new AuthzFailEvent(
auditSubjectID,
ILogger.FAILURE,
auditACLResource,
- auditOperation);
-
- audit(auditMessage);
+ auditOperation));
auditMessage = CMS.getLogMessage(
AuditEvent.ROLE_ASSUME,
@@ -1970,15 +1967,12 @@ public abstract class CMSServlet extends HttpServlet {
audit(auditMessage);
} else {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.AUTHZ_FAIL,
+
+ audit(new AuthzFailEvent(
auditSubjectID,
ILogger.FAILURE,
auditACLResource,
- auditOperation);
-
- audit(auditMessage);
+ auditOperation));
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
@@ -1992,15 +1986,12 @@ public abstract class CMSServlet extends HttpServlet {
return authzTok;
} catch (EBaseException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.AUTHZ_FAIL,
+
+ audit(new AuthzFailEvent(
auditSubjectID,
ILogger.FAILURE,
auditACLResource,
- auditOperation);
-
- audit(auditMessage);
+ auditOperation));
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
@@ -2013,15 +2004,12 @@ public abstract class CMSServlet extends HttpServlet {
return null;
} catch (Exception eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.AUTHZ_FAIL,
+
+ audit(new AuthzFailEvent(
auditSubjectID,
ILogger.FAILURE,
auditACLResource,
- auditOperation);
-
- audit(auditMessage);
+ auditOperation));
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
diff --git a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java
index 8760caf4d..1d04f3a85 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java
@@ -55,6 +55,7 @@ import com.netscape.certsrv.logging.AuditEvent;
import com.netscape.certsrv.logging.ILogger;
import com.netscape.certsrv.logging.event.AuthFailEvent;
import com.netscape.certsrv.logging.event.AuthSuccessEvent;
+import com.netscape.certsrv.logging.event.AuthzFailEvent;
import com.netscape.certsrv.logging.event.AuthzSuccessEvent;
import com.netscape.certsrv.profile.IProfile;
import com.netscape.certsrv.profile.IProfileAuthenticator;
@@ -724,14 +725,12 @@ public class CAProcessor extends Processor {
audit(auditMessage);
} else {
- auditMessage = CMS.getLogMessage(
- AuditEvent.AUTHZ_FAIL,
+
+ audit(new AuthzFailEvent(
auditSubjectID,
ILogger.FAILURE,
auditACLResource,
- auditOperation);
-
- audit(auditMessage);
+ auditOperation));
auditMessage = CMS.getLogMessage(
AuditEvent.ROLE_ASSUME,
@@ -743,14 +742,12 @@ public class CAProcessor extends Processor {
}
return authzToken;
} catch (EBaseException e) {
- auditMessage = CMS.getLogMessage(
- AuditEvent.AUTHZ_FAIL,
+
+ audit(new AuthzFailEvent(
auditSubjectID,
ILogger.FAILURE,
auditACLResource,
- auditOperation);
-
- audit(auditMessage);
+ auditOperation));
auditMessage = CMS.getLogMessage(
AuditEvent.ROLE_ASSUME,
@@ -854,15 +851,12 @@ public class CAProcessor extends Processor {
audit(auditMessage);
} else {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.AUTHZ_FAIL,
+
+ audit(new AuthzFailEvent(
auditSubjectID,
ILogger.FAILURE,
auditACLResource,
- auditOperation);
-
- audit(auditMessage);
+ auditOperation));
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
@@ -876,15 +870,12 @@ public class CAProcessor extends Processor {
return authzTok;
} catch (Exception eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.AUTHZ_FAIL,
+
+ audit(new AuthzFailEvent(
auditSubjectID,
ILogger.FAILURE,
auditACLResource,
- auditOperation);
-
- audit(auditMessage);
+ auditOperation));
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
generated by cgit (git 2.34.1) at 2026-03-15 19:01:25 +0000