
Example 16 with Audit

use of org.apereo.inspektr.audit.annotation.Audit in project cas by apereo.

the class LdapPasswordManagementService method change.

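/**
 * Changes the LDAP password of the account identified by the given credential.
 * <p>
 * The entry is looked up under the configured base DN using the configured user filter,
 * with the credential id supplied as the filter parameter. If an entry is found, a
 * password-modify operation is run against its DN with the credential's current password
 * and the new password carried by the bean.
 * <p>
 * Failures during the LDAP interaction are never propagated: every exception is logged and
 * reported as {@code false}, so callers cannot tell "entry not found", "modify rejected"
 * and "directory error" apart from the return value alone.
 *
 * @param credential the credential of the account owner; must not be {@code null} and must be
 *                   a {@link UsernamePasswordCredential}, otherwise the change is refused
 * @param bean       carrier of the new password; must not be {@code null}
 * @return {@code true} only when the password-modify operation reports success
 */
@Audit(action = "CHANGE_PASSWORD", actionResolverName = "CHANGE_PASSWORD_ACTION_RESOLVER", resourceResolverName = "CHANGE_PASSWORD_RESOURCE_RESOLVER")
@Override
public boolean change(final Credential credential, final PasswordChangeBean bean) {
    Assert.notNull(credential, "Credential cannot be null");
    Assert.notNull(bean, "PasswordChangeBean cannot be null");
    // Refuse unsupported credential types explicitly instead of relying on the catch-all
    // below to swallow a ClassCastException.
    if (!(credential instanceof UsernamePasswordCredential)) {
        LOGGER.error("Credential type [{}] is not supported for LDAP password changes", credential.getClass().getName());
        return false;
    }
    try {
        final PasswordManagementProperties.Ldap ldap = passwordManagementProperties.getLdap();
        final UsernamePasswordCredential c = (UsernamePasswordCredential) credential;
        // The id is handed over as a filter parameter, not concatenated into the filter text.
        // NOTE(review): presumably the helper escapes parameter values; confirm.
        final SearchFilter filter = Beans.newLdaptiveSearchFilter(ldap.getUserFilter(), Beans.LDAP_SEARCH_FILTER_DEFAULT_PARAM_NAME, Arrays.asList(c.getId()));
        LOGGER.debug("Constructed LDAP filter [{}] to update account password", filter);
        // NOTE(review): a pooled connection factory is created on every call and is not closed
        // in this method. Unless it is cached or owned elsewhere, each password change leaves
        // a pool behind; confirm who releases it.
        final ConnectionFactory factory = Beans.newLdaptivePooledConnectionFactory(ldap);
        final Response<SearchResult> response = LdapUtils.executeSearchOperation(factory, ldap.getBaseDn(), filter);
        // NOTE(review): the whole search response is rendered into the debug log. Whether that
        // exposes entry attributes depends on its toString() and on the attributes the search
        // returns; confirm before enabling debug logging for this class in production.
        LOGGER.debug("LDAP response to update password is [{}]", response);
        if (LdapUtils.containsResultEntry(response)) {
            final String dn = response.getResult().getEntry().getDn();
            LOGGER.debug("Updating account password for [{}]", dn);
            // Use the properties object fetched above rather than looking it up a second time.
            if (LdapUtils.executePasswordModifyOperation(dn, factory, c.getPassword(), bean.getPassword(), ldap.getType())) {
                LOGGER.debug("Successfully updated the account password for [{}]", dn);
                return true;
            }
            LOGGER.error("Could not update the LDAP entry's password for [{}] and base DN [{}]", filter.format(), ldap.getBaseDn());
        } else {
            LOGGER.error("Could not locate an LDAP entry for [{}] and base DN [{}]", filter.format(), ldap.getBaseDn());
        }
    } catch (final Exception e) {
        // Deliberate best-effort: any failure is logged and reported as "not changed".
        LOGGER.error(e.getMessage(), e);
    }
    return false;
}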
Also used : ConnectionFactory(org.ldaptive.ConnectionFactory) PasswordManagementProperties(org.apereo.cas.configuration.model.support.pm.PasswordManagementProperties) SearchFilter(org.ldaptive.SearchFilter) SearchResult(org.ldaptive.SearchResult) UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential) Audit(org.apereo.inspektr.audit.annotation.Audit)

Example 17 with Audit

use of org.apereo.inspektr.audit.annotation.Audit in project cas by apereo.

the class PolicyBasedAuthenticationManager method authenticate.

/**
 * Authenticates the given transaction and returns the resulting authentication.
 * <p>
 * The transaction's credentials, then the builder, then the final authentication are each
 * passed to {@code AuthenticationCredentialsThreadLocalBinder.bindCurrent} as processing
 * advances. The builder is built twice: the first result feeds the authentication-method
 * attribute, and the second is built after metadata population and post-processing and is
 * the one returned.
 *
 * @param transaction the authentication transaction carrying the credentials
 * @return the authentication built after metadata population and post-processing
 * @throws AuthenticationException declared by this method; raised by the steps it delegates to
 * @throws UnresolvedPrincipalException when the resulting principal is a {@link NullPrincipal}
 */
@Override
@Audit(action = "AUTHENTICATION", actionResolverName = "AUTHENTICATION_RESOLVER", resourceResolverName = "AUTHENTICATION_RESOURCE_RESOLVER")
@Timed(name = "AUTHENTICATE_TIMER")
@Metered(name = "AUTHENTICATE_METER")
@Counted(name = "AUTHENTICATE_COUNT", monotonic = true)
public Authentication authenticate(final AuthenticationTransaction transaction) throws AuthenticationException {
    AuthenticationCredentialsThreadLocalBinder.bindCurrent(transaction.getCredentials());

    final AuthenticationBuilder authnBuilder = authenticateInternal(transaction);
    AuthenticationCredentialsThreadLocalBinder.bindCurrent(authnBuilder);

    // First build: only used to derive the authentication-method attribute.
    final Authentication preliminary = authnBuilder.build();
    addAuthenticationMethodAttribute(authnBuilder, preliminary);
    populateAuthenticationMetadataAttributes(authnBuilder, transaction);
    invokeAuthenticationPostProcessors(authnBuilder, transaction);

    // Second build: built after the steps above and returned to the caller.
    final Authentication finalAuthentication = authnBuilder.build();
    final Principal resolved = finalAuthentication.getPrincipal();
    if (resolved instanceof NullPrincipal) {
        throw new UnresolvedPrincipalException(finalAuthentication);
    }

    // NOTE(review): principal attributes and the credential objects are written at INFO level.
    // What ends up in the log depends on their toString(); confirm that no secret or sensitive
    // attribute value is rendered.
    LOGGER.info("Authenticated principal [{}] with attributes [{}] via credentials [{}].",
        resolved.getId(),
        resolved.getAttributes(),
        transaction.getCredentials());
    AuthenticationCredentialsThreadLocalBinder.bindCurrent(finalAuthentication);
    return finalAuthentication;
}
Also used : NullPrincipal(org.apereo.cas.authentication.principal.NullPrincipal) UnresolvedPrincipalException(org.apereo.cas.authentication.exceptions.UnresolvedPrincipalException) NullPrincipal(org.apereo.cas.authentication.principal.NullPrincipal) Principal(org.apereo.cas.authentication.principal.Principal) Audit(org.apereo.inspektr.audit.annotation.Audit) Counted(com.codahale.metrics.annotation.Counted) Metered(com.codahale.metrics.annotation.Metered) Timed(com.codahale.metrics.annotation.Timed)

Example 18 with Audit

use of org.apereo.inspektr.audit.annotation.Audit in project cas by apereo.

the class BaseSamlProfileSamlResponseBuilder method build.

/**
 * Builds the SAML2 response for an authentication request in three steps: build the SAML
 * assertion, build the response object around it, then encode that response.
 *
 * @param authnRequest the SAML request being answered
 * @param request      the HTTP request
 * @param response     the HTTP response
 * @param casAssertion the CAS assertion, passed through to every step
 * @param service      the registered SAML service
 * @param adaptor      the service provider metadata facade
 * @param binding      the binding, passed through to every step
 * @return whatever {@code encodeFinalResponse} returns for the built response
 * @throws SamlException declared by this method; raised by the steps it delegates to
 */
@Audit(action = "SAML2_RESPONSE", actionResolverName = "SAML2_RESPONSE_ACTION_RESOLVER", resourceResolverName = "SAML2_RESPONSE_RESOURCE_RESOLVER")
@Override
public T build(final RequestAbstractType authnRequest,
               final HttpServletRequest request,
               final HttpServletResponse response,
               final Object casAssertion,
               final SamlRegisteredService service,
               final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
               final String binding) throws SamlException {
    // Step 1: the assertion.
    final Assertion samlAssertion =
        buildSamlAssertion(authnRequest, request, response, casAssertion, service, adaptor, binding);

    // Step 2: the response wrapping that assertion.
    final T samlResponse =
        buildResponse(samlAssertion, casAssertion, authnRequest, service, adaptor, request, response, binding);

    // Step 3: encoding; the encoded result is what the caller receives.
    return encodeFinalResponse(request, response, service, adaptor, samlResponse, binding, authnRequest, casAssertion);
}
Also used : EncryptedAssertion(org.opensaml.saml.saml2.core.EncryptedAssertion) Assertion(org.opensaml.saml.saml2.core.Assertion) Audit(org.apereo.inspektr.audit.annotation.Audit)

Example 19 with Audit

use of org.apereo.inspektr.audit.annotation.Audit in project cas by apereo.

the class DefaultOAuth2UserProfileDataCreator method createFrom.

/**
 * Creates the user-profile model for the given access token.
 * <p>
 * The model holds the principal id and the principal attributes under the
 * {@code OAuth20UserProfileViewRenderer} model keys, and is then passed to
 * {@code finalizeProfileResponse} before being returned.
 *
 * @param accessToken the access token the profile is produced for
 * @param context     the request context
 * @return a new mutable map containing the profile data
 */
@Override
@Audit(action = "OAUTH2_USER_PROFILE_DATA", actionResolverName = "OAUTH2_USER_PROFILE_DATA_ACTION_RESOLVER", resourceResolverName = "OAUTH2_USER_PROFILE_DATA_RESOURCE_RESOLVER")
public Map<String, Object> createFrom(final AccessToken accessToken, final J2EContext context) {
    final Principal tokenOwner = getAccessTokenAuthenticationPrincipal(accessToken, context);

    final Map<String, Object> profileModel = new HashMap<>();
    profileModel.put(OAuth20UserProfileViewRenderer.MODEL_ATTRIBUTE_ID, tokenOwner.getId());
    // NOTE(review): every attribute the principal carries is copied into the profile here;
    // presumably attribute release is applied when the principal is resolved. Confirm.
    profileModel.put(OAuth20UserProfileViewRenderer.MODEL_ATTRIBUTE_ATTRIBUTES, tokenOwner.getAttributes());

    finalizeProfileResponse(accessToken, profileModel, tokenOwner);
    return profileModel;
}
Also used : HashMap(java.util.HashMap) Principal(org.apereo.cas.authentication.principal.Principal) Audit(org.apereo.inspektr.audit.annotation.Audit)

Example 20 with Audit

use of org.apereo.inspektr.audit.annotation.Audit in project cas by apereo.

the class DefaultAuthenticationManager method authenticate.

/**
 * Authenticates the given transaction and returns the resulting authentication.
 * <p>
 * Pre-processors run first, and a negative result aborts before any credential is handled.
 * After that the credentials, then the builder, then the final authentication are each passed
 * to {@code AuthenticationCredentialsThreadLocalBinder.bindCurrent}. The builder is built
 * twice: once to derive the authentication-method attribute, and once after metadata
 * population and post-processing to produce the returned object.
 *
 * @param transaction the authentication transaction carrying the credentials
 * @return the authentication built after metadata population and post-processing
 * @throws AuthenticationException when the pre-processors report failure; also declared for
 *                                 the steps this method delegates to
 * @throws UnresolvedPrincipalException when the resulting principal is a {@link NullPrincipal}
 */
@Override
@Audit(action = AuditableActions.AUTHENTICATION, actionResolverName = AuditActionResolvers.AUTHENTICATION_RESOLVER, resourceResolverName = AuditResourceResolvers.AUTHENTICATION_RESOURCE_RESOLVER)
public Authentication authenticate(final AuthenticationTransaction transaction) throws AuthenticationException {
    // Gate: nothing is bound or authenticated unless the pre-processors accept the transaction.
    if (!invokeAuthenticationPreProcessors(transaction)) {
        LOGGER.warn("An authentication pre-processor could not successfully process the authentication transaction");
        throw new AuthenticationException("Authentication pre-processor has failed to process transaction");
    }

    AuthenticationCredentialsThreadLocalBinder.bindCurrent(transaction.getCredentials());
    val authnBuilder = authenticateInternal(transaction);
    AuthenticationCredentialsThreadLocalBinder.bindCurrent(authnBuilder);

    // First build: only used to derive the authentication-method attribute.
    val preliminary = authnBuilder.build();
    addAuthenticationMethodAttribute(authnBuilder, preliminary);
    populateAuthenticationMetadataAttributes(authnBuilder, transaction);
    invokeAuthenticationPostProcessors(authnBuilder, transaction);

    // Second build: built after the steps above and returned to the caller.
    val finalAuthentication = authnBuilder.build();
    val resolved = finalAuthentication.getPrincipal();
    if (resolved instanceof NullPrincipal) {
        throw new UnresolvedPrincipalException(finalAuthentication);
    }

    // NOTE(review): principal attributes and the credential objects are written at INFO level.
    // What ends up in the log depends on their toString(); confirm that no secret or sensitive
    // attribute value is rendered.
    LOGGER.info("Authenticated principal [{}] with attributes [{}] via credentials [{}].",
        resolved.getId(),
        resolved.getAttributes(),
        transaction.getCredentials());
    AuthenticationCredentialsThreadLocalBinder.bindCurrent(finalAuthentication);
    return finalAuthentication;
}
Also used : lombok.val(lombok.val) NullPrincipal(org.apereo.cas.authentication.principal.NullPrincipal) UnresolvedPrincipalException(org.apereo.cas.authentication.exceptions.UnresolvedPrincipalException) Audit(org.apereo.inspektr.audit.annotation.Audit)

Aggregations

Audit (org.apereo.inspektr.audit.annotation.Audit)31 lombok.val (lombok.val)21 Counted (com.codahale.metrics.annotation.Counted)4 Metered (com.codahale.metrics.annotation.Metered)4 Timed (com.codahale.metrics.annotation.Timed)4 Principal (org.apereo.cas.authentication.principal.Principal)4 TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket)4 HashMap (java.util.HashMap)3 AuditActionResolvers (org.apereo.cas.audit.AuditActionResolvers)3 AuditResourceResolvers (org.apereo.cas.audit.AuditResourceResolvers)3 AuditableActions (org.apereo.cas.audit.AuditableActions)3 UnresolvedPrincipalException (org.apereo.cas.authentication.exceptions.UnresolvedPrincipalException)3 NullPrincipal (org.apereo.cas.authentication.principal.NullPrincipal)3 ServiceContext (org.apereo.cas.services.ServiceContext)3 InvalidTicketException (org.apereo.cas.ticket.InvalidTicketException)3 RequiredArgsConstructor (lombok.RequiredArgsConstructor)2 AuditableContext (org.apereo.cas.audit.AuditableContext)2 AuditableExecutionResult (org.apereo.cas.audit.AuditableExecutionResult)2 UsernamePasswordCredential (org.apereo.cas.authentication.UsernamePasswordCredential)2 UnauthorizedProxyingException (org.apereo.cas.services.UnauthorizedProxyingException)2