diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2017-05-19 00:33:26 +0200 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2017-05-26 22:12:48 +0200 |
| commit | c9a9fe6e31d860c089dd2b2ee584dd0d4a9b2174 (patch) | |
| tree | 83ca0ee1e6c0d22f702be1b0f7aa5b92e6de8a65 /base/server | |
| parent | 33838ebaffcdf121c4167379f0c917b5b5b67d0e (diff) | |
| download | pki-c9a9fe6e31d860c089dd2b2ee584dd0d4a9b2174.tar.gz pki-c9a9fe6e31d860c089dd2b2ee584dd0d4a9b2174.tar.xz pki-c9a9fe6e31d860c089dd2b2ee584dd0d4a9b2174.zip | |
Added SCHEDULE_CRL_GENERATION audit event.
A new SCHEDULE_CRL_GENERATION audit event has been added which
will be generated when CRL generation is scheduled manually.
https://pagure.io/dogtagpki/issue/2651
Change-Id: I1e2fc307491e796e50b09550d66e5eba370d090a
Diffstat (limited to 'base/server')
| -rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/cert/UpdateCRL.java | 16 | ||||
| -rw-r--r-- | base/server/cmsbundle/src/LogMessages.properties | 6 |
2 files changed, 19 insertions, 3 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/UpdateCRL.java b/base/server/cms/src/com/netscape/cms/servlet/cert/UpdateCRL.java index b4d9d2936..a9a2cd25c 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/cert/UpdateCRL.java +++ b/base/server/cms/src/com/netscape/cms/servlet/cert/UpdateCRL.java @@ -45,6 +45,7 @@ import com.netscape.certsrv.common.ICMSRequest; import com.netscape.certsrv.ldap.ELdapException; import com.netscape.certsrv.logging.AuditFormat; import com.netscape.certsrv.logging.ILogger; +import com.netscape.certsrv.logging.event.ScheduleCRLGenerationEvent; import com.netscape.certsrv.publish.ILdapRule; import com.netscape.certsrv.publish.IPublisherProcessor; import com.netscape.certsrv.util.IStatsSubsystem; @@ -375,9 +376,18 @@ public class UpdateCRL extends CMSServlet { } else { - CMS.debug("UpdateCRL: scheduling CRL update"); - crlIssuingPoint.setManualUpdate(signatureAlgorithm); - header.addStringValue("crlUpdate", "Scheduled"); + try { + CMS.debug("UpdateCRL: scheduling CRL update"); + + crlIssuingPoint.setManualUpdate(signatureAlgorithm); + header.addStringValue("crlUpdate", "Scheduled"); + + audit(new ScheduleCRLGenerationEvent(auditSubjectID())); + + } catch (Exception e) { + audit(new ScheduleCRLGenerationEvent(auditSubjectID(), e)); + throw e; + } } return; diff --git a/base/server/cmsbundle/src/LogMessages.properties b/base/server/cmsbundle/src/LogMessages.properties index 689d7bc69..949009880 100644 --- a/base/server/cmsbundle/src/LogMessages.properties +++ b/base/server/cmsbundle/src/LogMessages.properties @@ -2122,6 +2122,12 @@ LOGGING_SIGNED_AUDIT_CMC_PROOF_OF_IDENTIFICATION_3=<type=CMC_PROOF_OF_IDENTIFICA # LOGGING_SIGNED_AUDIT_CMC_ID_POP_LINK_WITNESS_3=<type=CMC_ID_POP_LINK_WITNESS>:[AuditEvent=CMC_ID_POP_LINK_WITNESS][SubjectID={0}][Outcome={1}][Info={2}] Identification Proof of Possession linking witness verification # +# LOGGING_SIGNED_AUDIT_SCHEDULE_CRL_GENERATION +# - used when CRL generation is scheduled +# Outcome is "success" when CRL generation is scheduled successfully, "failure" otherwise +# +LOGGING_SIGNED_AUDIT_SCHEDULE_CRL_GENERATION=<type=SCHEDULE_CRL_GENERATION>:[AuditEvent=SCHEDULE_CRL_GENERATION][SubjectID={0}][Outcome={1}]{2} schedule for CRL generation +# # LOGGING_SIGNED_AUDIT_DELTA_CRL_GENERATION # - used when delta CRL generation is complete # Outcome is "success" when delta CRL is generated successfully, "failure" otherwise |