summaryrefslogtreecommitdiffstats
path: root/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java
diff options
context:
space:
mode:
Diffstat (limited to 'base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java')
-rw-r--r--base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java301
1 files changed, 244 insertions, 57 deletions
diff --git a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java
index 958843e5b..3dcc5a547 100644
--- a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java
+++ b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java
@@ -47,6 +47,7 @@ import com.netscape.certsrv.base.BadRequestException;
import com.netscape.certsrv.base.PKIException;
import com.netscape.certsrv.dbs.EDBException;
import com.netscape.certsrv.ldap.LDAPExceptionConverter;
+import com.netscape.certsrv.logging.ILogger;
import com.netscape.certsrv.tps.token.TokenCollection;
import com.netscape.certsrv.tps.token.TokenData;
import com.netscape.certsrv.tps.token.TokenData.TokenStatusData;
@@ -77,13 +78,22 @@ public class TokenService extends PKIService implements TokenResource {
CMS.debug("TokenService.<init>()");
}
- public void setTokenStatus(TokenRecord tokenRecord, TokenStatus tokenState, String ipAddress, String remoteUser)
- throws Exception {
+ public void setTokenStatus(TokenRecord tokenRecord, TokenStatus tokenState, String ipAddress, String remoteUser,
+ Map<String, String> auditModParams)
+ throws Exception {
TPSSubsystem tps = (TPSSubsystem) CMS.getSubsystem(TPSSubsystem.ID);
+ String oldStatus = tokenRecord.getStatus();
+ String oldReason = tokenRecord.getReason();
+ String newStatus = String.valueOf(tokenState);
+ String newReason = null;
+
+ auditModParams.put("UserID", tokenRecord.getUserID());
+
switch (tokenState) {
case UNINITIALIZED:
tokenRecord.setStatus("uninitialized");
+ newStatus = "uninitialized";
tokenRecord.setReason(null);
break;
@@ -94,6 +104,7 @@ public class TokenService extends PKIService implements TokenResource {
}
tokenRecord.setStatus("active");
+ newStatus = "active";
tokenRecord.setReason(null);
break;
@@ -101,7 +112,9 @@ public class TokenService extends PKIService implements TokenResource {
case PERM_LOST:
case TEMP_LOST_PERM_LOST:
tokenRecord.setStatus("lost");
+ newStatus = "lost";
tokenRecord.setReason("keyCompromise");
+ newReason = "keyCompromise";
//revoke certs
tps.tdb.revokeCertsByCUID(tokenRecord.getId(), "keyCompromise", ipAddress, remoteUser);
@@ -109,7 +122,9 @@ public class TokenService extends PKIService implements TokenResource {
case DAMAGED:
tokenRecord.setStatus("lost");
+ newStatus = "lost";
tokenRecord.setReason("destroyed");
+ newReason = "destroyed";
//revoke certs
tps.tdb.revokeCertsByCUID(tokenRecord.getId(), "destroyed", ipAddress, remoteUser);
@@ -118,7 +133,9 @@ public class TokenService extends PKIService implements TokenResource {
case TEMP_LOST:
tokenRecord.setStatus("lost");
+ newStatus = "lost";
tokenRecord.setReason("onHold");
+ newReason = "onHold";
// put certs onHold
tps.tdb.revokeCertsByCUID(tokenRecord.getId(), "onHold", ipAddress, remoteUser);
@@ -134,16 +151,24 @@ public class TokenService extends PKIService implements TokenResource {
reason = "onHold";
}
tokenRecord.setStatus("terminated");
+ newStatus = "terminated";
tokenRecord.setReason(reason);
+ newReason = reason;
//revoke certs
- tps.tdb.revokeCertsByCUID(tokenRecord.getId(), reason, ipAddress, remoteUser) ;
+ tps.tdb.revokeCertsByCUID(tokenRecord.getId(), reason, ipAddress, remoteUser);
break;
default:
- throw new PKIException("Unsupported token state: " + tokenState);
+ PKIException e = new PKIException("Unsupported token state: " + tokenState);
+ auditTokenStateChange(ILogger.FAILURE, oldStatus,
+ newStatus, oldReason, newReason,
+ auditModParams, e.toString());
+ throw e;
}
+ auditTokenStateChange(ILogger.SUCCESS, oldStatus, newStatus, oldReason, newReason, auditModParams, null);
+
}
public TokenData createTokenData(TokenRecord tokenRecord) throws Exception {
@@ -232,7 +257,7 @@ public class TokenService extends PKIService implements TokenResource {
size = size == null ? DEFAULT_SIZE : size;
try {
- TPSSubsystem subsystem = (TPSSubsystem)CMS.getSubsystem(TPSSubsystem.ID);
+ TPSSubsystem subsystem = (TPSSubsystem) CMS.getSubsystem(TPSSubsystem.ID);
TokenDatabase database = subsystem.getTokenDatabase();
Iterator<TokenRecord> tokens = database.findRecords(filter, attributes).iterator();
@@ -241,24 +266,26 @@ public class TokenService extends PKIService implements TokenResource {
int i = 0;
// skip to the start of the page
- for ( ; i<start && tokens.hasNext(); i++) tokens.next();
+ for (; i < start && tokens.hasNext(); i++)
+ tokens.next();
// return entries up to the page size
- for ( ; i<start+size && tokens.hasNext(); i++) {
+ for (; i < start + size && tokens.hasNext(); i++) {
response.addEntry(createTokenData(tokens.next()));
}
// count the total entries
- for ( ; tokens.hasNext(); i++) tokens.next();
+ for (; tokens.hasNext(); i++)
+ tokens.next();
response.setTotal(i);
if (start > 0) {
- URI uri = uriInfo.getRequestUriBuilder().replaceQueryParam("start", Math.max(start-size, 0)).build();
+ URI uri = uriInfo.getRequestUriBuilder().replaceQueryParam("start", Math.max(start - size, 0)).build();
response.addLink(new Link("prev", uri));
}
- if (start+size < i) {
- URI uri = uriInfo.getRequestUriBuilder().replaceQueryParam("start", start+size).build();
+ if (start + size < i) {
+ URI uri = uriInfo.getRequestUriBuilder().replaceQueryParam("start", start + size).build();
response.addLink(new Link("next", uri));
}
@@ -267,7 +294,7 @@ public class TokenService extends PKIService implements TokenResource {
} catch (EDBException e) {
Throwable t = e.getCause();
if (t != null && t instanceof LDAPException) {
- throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ throw LDAPExceptionConverter.toPKIException((LDAPException) t);
}
throw new PKIException(e);
@@ -283,12 +310,13 @@ public class TokenService extends PKIService implements TokenResource {
@Override
public Response getToken(String tokenID) {
- if (tokenID == null) throw new BadRequestException("Token ID is null.");
+ if (tokenID == null)
+ throw new BadRequestException("Token ID is null.");
CMS.debug("TokenService.getToken(\"" + tokenID + "\")");
try {
- TPSSubsystem subsystem = (TPSSubsystem)CMS.getSubsystem(TPSSubsystem.ID);
+ TPSSubsystem subsystem = (TPSSubsystem) CMS.getSubsystem(TPSSubsystem.ID);
TokenDatabase database = subsystem.getTokenDatabase();
return createOKResponse(createTokenData(database.getRecord(tokenID)));
@@ -296,7 +324,7 @@ public class TokenService extends PKIService implements TokenResource {
} catch (EDBException e) {
Throwable t = e.getCause();
if (t != null && t instanceof LDAPException) {
- throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ throw LDAPExceptionConverter.toPKIException((LDAPException) t);
}
throw new PKIException(e);
@@ -311,16 +339,25 @@ public class TokenService extends PKIService implements TokenResource {
@Override
public Response addToken(TokenData tokenData) {
-
- if (tokenData == null) throw new BadRequestException("Token data is null.");
+ String method = "TokenService.addToken";
+ Map<String, String> auditModParams = new HashMap<String, String>();
+
+ if (tokenData == null) {
+ BadRequestException ex = new BadRequestException("Token data is null.");
+ auditConfigTokenGeneral(ILogger.FAILURE, method, null,
+ ex.toString());
+ throw ex;
+ }
String tokenID = tokenData.getTokenID();
+ auditModParams.put("tokenID", tokenID);
+
CMS.debug("TokenService.addToken(\"" + tokenID + "\")");
String remoteUser = servletRequest.getRemoteUser();
String ipAddress = servletRequest.getRemoteAddr();
- TPSSubsystem subsystem = (TPSSubsystem)CMS.getSubsystem(TPSSubsystem.ID);
+ TPSSubsystem subsystem = (TPSSubsystem) CMS.getSubsystem(TPSSubsystem.ID);
TokenRecord tokenRecord = null;
String msg = "add token";
@@ -333,20 +370,25 @@ public class TokenService extends PKIService implements TokenResource {
String userID = tokenData.getUserID();
if (StringUtils.isNotEmpty(userID)) {
tokenRecord.setUserID(userID);
+ auditModParams.put("userID", userID);
}
String policy = tokenData.getPolicy();
if (StringUtils.isNotEmpty(policy)) {
tokenRecord.setPolicy(policy);
+ auditModParams.put("Policy", policy);
}
// new tokens are uninitialized when created
tokenRecord.setStatus("uninitialized");
+ auditModParams.put("Status", "uninitialized");
database.addRecord(tokenID, tokenRecord);
subsystem.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord,
- ipAddress, msg, "success", remoteUser);
+ ipAddress, msg, "success", remoteUser);
tokenData = createTokenData(database.getRecord(tokenID));
+ auditConfigTokenRecord(ILogger.SUCCESS, method, tokenID,
+ auditModParams, null);
return createCreatedResponse(tokenData, tokenData.getLink().getHref());
@@ -355,35 +397,52 @@ public class TokenService extends PKIService implements TokenResource {
msg = msg + ": " + e.getMessage();
subsystem.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord,
- ipAddress, msg, "failure", remoteUser);
+ ipAddress, msg, "failure", remoteUser);
if (e instanceof EDBException) {
Throwable t = e.getCause();
if (t != null && t instanceof LDAPException) {
- throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ PKIException ex = LDAPExceptionConverter.toPKIException((LDAPException) t);
+ auditConfigTokenRecord(ILogger.FAILURE, method, tokenID,
+ auditModParams, ex.toString());
+ throw ex;
}
}
if (e instanceof PKIException) {
- throw (PKIException)e;
+ auditConfigTokenRecord(ILogger.FAILURE, method, tokenID,
+ auditModParams, e.toString());
+ throw (PKIException) e;
}
+ auditConfigTokenRecord(ILogger.FAILURE, method, tokenID,
+ auditModParams, e.toString());
throw new PKIException(e);
}
}
@Override
public Response replaceToken(String tokenID, TokenData tokenData) {
+ String method = "TokenService.replaceToken";
+ Map<String, String> auditModParams = new HashMap<String, String>();
- if (tokenID == null) throw new BadRequestException("Token ID is null.");
- if (tokenData == null) throw new BadRequestException("Token data is null.");
+ if (tokenID == null) {
+ auditConfigTokenGeneral(ILogger.FAILURE, method, null,
+ "Token ID is null.");
+ throw new BadRequestException("Token ID is null.");
+ }
+ if (tokenData == null) {
+ auditConfigTokenGeneral(ILogger.FAILURE, method, auditModParams,
+ "Token data is null.");
+ throw new BadRequestException("Token data is null.");
+ }
CMS.debug("TokenService.replaceToken(\"" + tokenID + "\")");
String remoteUser = servletRequest.getRemoteUser();
String ipAddress = servletRequest.getRemoteAddr();
- TPSSubsystem subsystem = (TPSSubsystem)CMS.getSubsystem(TPSSubsystem.ID);
+ TPSSubsystem subsystem = (TPSSubsystem) CMS.getSubsystem(TPSSubsystem.ID);
TokenRecord tokenRecord = null;
String msg = "replace token";
try {
@@ -391,15 +450,22 @@ public class TokenService extends PKIService implements TokenResource {
tokenRecord = database.getRecord(tokenID);
tokenRecord.setUserID(remoteUser);
+ auditModParams.put("userID", remoteUser);
tokenRecord.setType(tokenData.getType());
+ auditModParams.put("type", tokenData.getType());
tokenRecord.setAppletID(tokenData.getAppletID());
+ auditModParams.put("appletID", tokenData.getAppletID());
tokenRecord.setKeyInfo(tokenData.getKeyInfo());
+ auditModParams.put("keyInfo", tokenData.getKeyInfo());
tokenRecord.setPolicy(tokenData.getPolicy());
+ auditModParams.put("Policy", tokenData.getPolicy());
database.updateRecord(tokenID, tokenRecord);
subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord,
- ipAddress, msg, "success", remoteUser);
+ ipAddress, msg, "success", remoteUser);
tokenData = createTokenData(database.getRecord(tokenID));
+ auditConfigTokenRecord(ILogger.SUCCESS, method, tokenID,
+ auditModParams, null);
return createOKResponse(tokenData);
@@ -408,36 +474,55 @@ public class TokenService extends PKIService implements TokenResource {
msg = msg + ": " + e.getMessage();
subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord,
- ipAddress, msg, "failure",
- remoteUser);
+ ipAddress, msg, "failure",
+ remoteUser);
if (e instanceof EDBException) {
Throwable t = e.getCause();
if (t != null && t instanceof LDAPException) {
- throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ PKIException ex = LDAPExceptionConverter.toPKIException((LDAPException) t);
+ auditConfigTokenRecord(ILogger.FAILURE, method, tokenID,
+ auditModParams, ex.toString());
+ throw ex;
}
}
if (e instanceof PKIException) {
- throw (PKIException)e;
+ auditConfigTokenRecord(ILogger.FAILURE, method, tokenID,
+ auditModParams, e.toString());
+ throw (PKIException) e;
}
+ auditConfigTokenRecord(ILogger.FAILURE, method, tokenID,
+ auditModParams, e.toString());
throw new PKIException(e);
}
}
@Override
public Response modifyToken(String tokenID, TokenData tokenData) {
+ String method = "TokenService.modifyToken";
+ Map<String, String> auditModParams = new HashMap<String, String>();
- if (tokenID == null) throw new BadRequestException("Token ID is null.");
- if (tokenData == null) throw new BadRequestException("Token data is null.");
+ if (tokenID == null) {
+ BadRequestException e = new BadRequestException("Token ID is null.");
+ auditConfigTokenRecord(ILogger.FAILURE, "modify", tokenID,
+ auditModParams, e.toString());
+ throw e;
+ }
+ if (tokenData == null) {
+ BadRequestException e = new BadRequestException("Token data is null.");
+ auditConfigTokenRecord(ILogger.FAILURE, "modify", tokenID,
+ auditModParams, e.toString());
+ throw e;
+ }
CMS.debug("TokenService.modifyToken(\"" + tokenID + "\")");
String remoteUser = servletRequest.getRemoteUser();
String ipAddress = servletRequest.getRemoteAddr();
- TPSSubsystem subsystem = (TPSSubsystem)CMS.getSubsystem(TPSSubsystem.ID);
+ TPSSubsystem subsystem = (TPSSubsystem) CMS.getSubsystem(TPSSubsystem.ID);
TokenRecord tokenRecord = null;
String msg = "modify token";
try {
@@ -453,6 +538,7 @@ public class TokenService extends PKIService implements TokenResource {
tokenRecord.setUserID(null);
} else { // otherwise replace value
tokenRecord.setUserID(userID);
+ auditModParams.put("userID", userID);
}
}
@@ -463,14 +549,17 @@ public class TokenService extends PKIService implements TokenResource {
tokenRecord.setPolicy(null);
} else { //otherwise replace value
tokenRecord.setPolicy(policy);
+ auditModParams.put("Policy", policy);
}
}
database.updateRecord(tokenID, tokenRecord);
subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord,
- ipAddress, msg, "success", remoteUser);
+ ipAddress, msg, "success", remoteUser);
tokenData = createTokenData(database.getRecord(tokenID));
+ auditConfigTokenRecord(ILogger.SUCCESS, method, tokenID,
+ auditModParams, null);
return createOKResponse(tokenData);
@@ -479,36 +568,61 @@ public class TokenService extends PKIService implements TokenResource {
msg = msg + ": " + e.getMessage();
subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord,
- ipAddress, msg, "failure",
- remoteUser);
+ ipAddress, msg, "failure",
+ remoteUser);
if (e instanceof EDBException) {
Throwable t = e.getCause();
if (t != null && t instanceof LDAPException) {
- throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ PKIException ex = LDAPExceptionConverter.toPKIException((LDAPException) t);
+ auditConfigTokenRecord(ILogger.FAILURE, method, tokenID,
+ auditModParams, ex.toString());
+ throw ex;
}
}
if (e instanceof PKIException) {
- throw (PKIException)e;
+ auditConfigTokenRecord(ILogger.FAILURE, method, tokenID,
+ auditModParams, e.toString());
+ throw (PKIException) e;
}
+ auditConfigTokenRecord(ILogger.FAILURE, method, tokenID,
+ auditModParams, e.toString());
throw new PKIException(e);
}
}
@Override
public Response changeTokenStatus(String tokenID, TokenStatus tokenStatus) {
+ String method = "TokenService.changeTokenStatus";
+ Map<String, String> auditModParams = new HashMap<String, String>();
- if (tokenID == null) throw new BadRequestException("Token ID is null.");
- if (tokenStatus == null) throw new BadRequestException("Token state is null.");
+ if (tokenID == null) {
+ auditConfigTokenGeneral(ILogger.FAILURE, method, null,
+ "Token ID is null.");
+ throw new BadRequestException("Token ID is null.");
+ }
+ auditModParams.put("tokenID", tokenID);
+ if (tokenStatus == null) {
+ auditConfigTokenGeneral(ILogger.FAILURE, method, null,
+ "Token state is null.");
+ throw new BadRequestException("Token state is null.");
+ }
+ auditModParams.put("tokenStatus", tokenStatus.toString());
CMS.debug("TokenService.changeTokenStatus(\"" + tokenID + "\", \"" + tokenStatus + "\")");
String remoteUser = servletRequest.getRemoteUser();
String ipAddress = servletRequest.getRemoteAddr();
- TPSSubsystem subsystem = (TPSSubsystem)CMS.getSubsystem(TPSSubsystem.ID);
+ TPSSubsystem subsystem = (TPSSubsystem) CMS.getSubsystem(TPSSubsystem.ID);
+ // for auditing
+ String oldStatus = null;
+ String oldReason = null;
+ String newStatus = null;
+ String newReason = null;
+
TokenRecord tokenRecord = null;
String msg = "change token status";
try {
@@ -518,6 +632,10 @@ public class TokenService extends PKIService implements TokenResource {
TokenStatus currentTokenStatus = tokenRecord.getTokenStatus();
CMS.debug("TokenService.changeTokenStatus(): current status: " + currentTokenStatus);
+ oldStatus = tokenRecord.getStatus();
+ oldReason = tokenRecord.getReason();
+ newStatus = String.valueOf(tokenStatus);
+
if (currentTokenStatus == tokenStatus) {
CMS.debug("TokenService.changeTokenStatus(): no status change, no activity log generated");
@@ -533,15 +651,20 @@ public class TokenService extends PKIService implements TokenResource {
if (!nextStatuses.contains(tokenStatus)) {
CMS.debug("TokenService.changeTokenStatus(): next status not allowed: " + tokenStatus);
- throw new BadRequestException("Invalid token status transition");
+ Exception ex = new BadRequestException("Invalid token status transition");
+ auditTokenStateChange(ILogger.FAILURE, oldStatus,
+ newStatus, oldReason, newReason,
+ auditModParams, ex.toString());
+ throw ex;
}
CMS.debug("TokenService.changeTokenStatus(): next status allowed: " + tokenStatus);
- setTokenStatus(tokenRecord, tokenStatus, ipAddress, remoteUser);
+ // audit in setTokenStatus()
+ setTokenStatus(tokenRecord, tokenStatus, ipAddress, remoteUser, auditModParams);
database.updateRecord(tokenID, tokenRecord);
subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord,
- ipAddress, msg, "success",
- remoteUser);
+ ipAddress, msg, "success",
+ remoteUser);
TokenData tokenData = createTokenData(database.getRecord(tokenID));
@@ -552,35 +675,52 @@ public class TokenService extends PKIService implements TokenResource {
msg = msg + ": " + e.getMessage();
subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord,
- ipAddress, msg, "failure",
- remoteUser);
+ ipAddress, msg, "failure",
+ remoteUser);
if (e instanceof EDBException) {
Throwable t = e.getCause();
if (t != null && t instanceof LDAPException) {
- throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ PKIException ex = LDAPExceptionConverter.toPKIException((LDAPException) t);
+ auditTokenStateChange(ILogger.FAILURE, oldStatus,
+ newStatus, oldReason, newReason,
+ auditModParams, ex.toString());
+ throw ex;
}
}
if (e instanceof PKIException) {
- throw (PKIException)e;
+ auditTokenStateChange(ILogger.FAILURE, oldStatus,
+ newStatus, oldReason, newReason,
+ auditModParams, e.toString());
+ throw (PKIException) e;
}
+ auditTokenStateChange(ILogger.FAILURE, oldStatus,
+ newStatus, oldReason, newReason,
+ auditModParams, e.toString());
throw new PKIException(e);
}
}
@Override
public Response removeToken(String tokenID) {
-
- if (tokenID == null) throw new BadRequestException("Token ID is null.");
+ String method = "TokenService.removeToken";
+ Map<String, String> auditModParams = new HashMap<String, String>();
+
+ if (tokenID == null) {
+ BadRequestException ex = new BadRequestException("Token ID is null.");
+ auditConfigTokenRecord(ILogger.FAILURE, method, tokenID,
+ auditModParams, ex.toString());
+ throw ex;
+ }
CMS.debug("TokenService.removeToken(\"" + tokenID + "\")");
String remoteUser = servletRequest.getRemoteUser();
String ipAddress = servletRequest.getRemoteAddr();
- TPSSubsystem subsystem = (TPSSubsystem)CMS.getSubsystem(TPSSubsystem.ID);
+ TPSSubsystem subsystem = (TPSSubsystem) CMS.getSubsystem(TPSSubsystem.ID);
TokenRecord tokenRecord = null;
String msg = "remove token";
try {
@@ -592,8 +732,10 @@ public class TokenService extends PKIService implements TokenResource {
subsystem.tdb.tdbRemoveCertificatesByCUID(tokenRecord.getId());
database.removeRecord(tokenID);
+ auditConfigTokenRecord(ILogger.SUCCESS, method, tokenID,
+ auditModParams, null);
subsystem.tdb.tdbActivity(ActivityDatabase.OP_DELETE, tokenRecord,
- ipAddress, msg, "success", remoteUser);
+ ipAddress, msg, "success", remoteUser);
return createNoContentResponse();
@@ -602,21 +744,66 @@ public class TokenService extends PKIService implements TokenResource {
msg = msg + ": " + e.getMessage();
subsystem.tdb.tdbActivity(ActivityDatabase.OP_DELETE, tokenRecord,
- ipAddress, msg, "failure",
- remoteUser);
+ ipAddress, msg, "failure",
+ remoteUser);
if (e instanceof EDBException) {
Throwable t = e.getCause();
if (t != null && t instanceof LDAPException) {
- throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ PKIException ex = LDAPExceptionConverter.toPKIException((LDAPException) t);
+ auditConfigTokenRecord(ILogger.FAILURE, method, tokenID,
+ auditModParams, ex.toString());
+ throw ex;
}
}
if (e instanceof PKIException) {
- throw (PKIException)e;
+ auditConfigTokenRecord(ILogger.FAILURE, method, tokenID,
+ auditModParams, e.toString());
+ throw (PKIException) e;
}
+ auditConfigTokenRecord(ILogger.FAILURE, method, tokenID,
+ auditModParams, e.toString());
throw new PKIException(e);
}
}
+
+ /*
+ * Service can be any of the methods offered
+ */
+ public void auditConfigTokenRecord(String status, String service, String tokenID, Map<String, String> params,
+ String info) {
+
+ String msg = CMS.getLogMessage(
+ "LOGGING_SIGNED_AUDIT_CONFIG_TOKEN_RECORD_6",
+ servletRequest.getUserPrincipal().getName(),
+ status,
+ service,
+ tokenID,
+ auditor.getParamString(null, params),
+ info);
+ auditor.log(msg);
+
+ }
+
+ /*
+ *
+ */
+ public void auditTokenStateChange(String status, String oldState, String newState, String oldReason,
+ String newReason, Map<String, String> params, String info) {
+
+ String msg = CMS.getLogMessage(
+ "LOGGING_SIGNED_AUDIT_TOKEN_STATE_CHANGE_8",
+ servletRequest.getUserPrincipal().getName(),
+ status,
+ oldState,
+ oldReason,
+ newState,
+ newReason,
+ auditor.getParamString(null, params),
+ info);
+ auditor.log(msg);
+
+ }
}
generated by cgit (git 2.34.1) at 2024-05-06 20:40:43 +0000