From fdcb514b0711f10eab47c81837138192207e44b4 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata@redhat.com>
Date: Thu, 20 Apr 2017 16:30:18 +0200
Subject: Added AuthzSuccessEvent.

A new AuthzSuccessEvent class of has been added to encapsulate the
AUTHZ_SUCCESS events.

https://pagure.io/dogtagpki/issue/2641

Change-Id: I2f45fb2c3ba8acdc82777644cf4ad0ec2eff35a5
---
 .../org/dogtagpki/server/rest/ACLInterceptor.java  | 27 +++++++++++-----------
 1 file changed, 13 insertions(+), 14 deletions(-)

(limited to 'base/server/cms/src/org')

diff --git a/base/server/cms/src/org/dogtagpki/server/rest/ACLInterceptor.java b/base/server/cms/src/org/dogtagpki/server/rest/ACLInterceptor.java
index 331bae160..490eaed7c 100644
--- a/base/server/cms/src/org/dogtagpki/server/rest/ACLInterceptor.java
+++ b/base/server/cms/src/org/dogtagpki/server/rest/ACLInterceptor.java
@@ -47,6 +47,7 @@ import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.ForbiddenException;
 import com.netscape.certsrv.logging.AuditEvent;
 import com.netscape.certsrv.logging.ILogger;
+import com.netscape.certsrv.logging.event.AuthzSuccessEvent;
 import com.netscape.cms.realm.PKIPrincipal;
 
 /**
@@ -189,15 +190,14 @@ public class ACLInterceptor implements ContainerRequestFilter {
         // If still not available, it's unprotected, allow request.
         if (!authzRequired) {
             CMS.debug("ACLInterceptor: No ACL mapping; authz not required.");
-            // store a message in the signed audit log file
-            auditMessage = CMS.getLogMessage(
-                        AuditEvent.AUTHZ_SUCCESS_INFO,
+
+            audit(new AuthzSuccessEvent(
                         auditSubjectID,
                         ILogger.SUCCESS,
                         null, //resource
                         null, //operation
-                        LOGGING_MISSING_ACL_MAPPING + ":" + auditInfo); //info
-            audit(auditMessage);
+                        LOGGING_MISSING_ACL_MAPPING + ":" + auditInfo)); //info
+
             return;
         }
 
@@ -230,14 +230,14 @@ public class ACLInterceptor implements ContainerRequestFilter {
         // If no property defined, allow request.
         if (value == null) {
             CMS.debug("ACLInterceptor: No ACL configuration.");
-            // store a message in the signed audit log file
-            auditMessage = CMS.getLogMessage(
-                    AuditEvent.AUTHZ_SUCCESS_INFO,
+
+            audit(new AuthzSuccessEvent(
                     auditSubjectID,
                     ILogger.SUCCESS,
                     null, //resource
                     null, //operation
-                    LOGGING_NO_ACL_ACCESS_ALLOWED + ":" + auditInfo);
+                    LOGGING_NO_ACL_ACCESS_ALLOWED + ":" + auditInfo));
+
             return;
         }
 
@@ -317,15 +317,14 @@ public class ACLInterceptor implements ContainerRequestFilter {
         }
 
         // Allow request.
-        // store a message in the signed audit log file
-        auditMessage = CMS.getLogMessage(
-                    AuditEvent.AUTHZ_SUCCESS_INFO,
+
+        audit(new AuthzSuccessEvent(
                     auditSubjectID,
                     ILogger.SUCCESS,
                     values[0], // resource
                     values[1], // operation
-                    auditInfo);
-        audit(auditMessage);
+                    auditInfo));
+
         return;
     }
 
-- 
cgit