
Example 1 with SsoServerLoggingSvcImpl

use of com.sun.identity.monitoring.SsoServerLoggingSvcImpl in project OpenAM by OpenRock.

the class Logger method incMonReject.

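/**
 * Records a rejected log write in the monitoring MBeans.
 *
 * <p>Increments the logging service's LoggingRecsRejected attribute and the
 * failure count of the logging handler in use (DB, secure file or file). This
 * is the count of rejections due to an unauthorized userid trying to write to
 * the log.
 *
 * <p>Does nothing unless logging is local and monitoring is running, or when
 * the logging service MBean is not available.
 */
private void incMonReject() {
    if (!LogManager.isLocal || !MonitoringUtil.isRunning()) {
        return;
    }
    // logging service stat
    SsoServerLoggingSvcImpl logSvcMon = Agent.getLoggingSvcMBean();
    if (logSvcMon == null) {
        // The handler entries are looked up through the service MBean, so
        // without it there is nothing to update. The earlier code guarded only
        // the service counter and then dereferenced the MBean unconditionally.
        return;
    }
    logSvcMon.incSsoServerLoggingRecsRejected();

    // handler's stat
    // if DB then database, else if secure then secure file, else file
    SsoServerLoggingHdlrEntryImpl logH;
    if (lm.isDBLogging()) {
        logH = logSvcMon.getHandler(SsoServerLoggingSvcImpl.DB_HANDLER_NAME);
    } else if (lm.isSecure()) {
        logH = logSvcMon.getHandler(SsoServerLoggingSvcImpl.SECURE_FILE_HANDLER_NAME);
    } else {
        logH = logSvcMon.getHandler(SsoServerLoggingSvcImpl.FILE_HANDLER_NAME);
    }
    if (logH == null) {
        return;
    }
    logH.incHandlerFailureCount(1);
    /*
     *  also increment handler's request count.  if it gets
     *  through the authorization check, it gets incremented
     *  in the handler itself.
     */
    logH.incHandlerRequestCount(1);
}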
Also used : SsoServerLoggingSvcImpl(com.sun.identity.monitoring.SsoServerLoggingSvcImpl) SsoServerLoggingHdlrEntryImpl(com.sun.identity.monitoring.SsoServerLoggingHdlrEntryImpl)

Example 2 with SsoServerLoggingSvcImpl

use of com.sun.identity.monitoring.SsoServerLoggingSvcImpl in project OpenAM by OpenRock.

the class LogRecWrite method execute.

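/**
 * Builds a log record from the first entry of this request's record list,
 * audits it and hands it to the named logger.
 *
 * <p>The message, and the {@code LogConstants.DATA} entry of the info map, are
 * Base64-decoded when decoding succeeds and used unchanged otherwise. When the
 * info map carries a login-id session string that resolves to an SSO token,
 * the record is first filled from that token and the non-empty map entries
 * then overwrite those values.
 *
 * <p>The method always returns "OK": a failure to resolve the writer's token
 * is only logged, and the record is still passed to the logger with a
 * {@code null} token.
 * NOTE(review): presumably {@code Logger.log(rec, token)} performs the write
 * authorization and rejects a null token; confirm, since nothing here does.
 *
 * @param auditEventPublisher passed through to {@code auditAccessMessage}
 * @param auditEventFactory passed through to {@code auditAccessMessage}
 * @return result of the request processing in <code>Response</code>
 */
public Response execute(AuditEventPublisher auditEventPublisher, AuditEventFactory auditEventFactory) {
    Response res = new Response("OK");
    // Resolve the remote handler's monitoring entry once. Both lookups are
    // null-checked so that a missing MBean cannot abort the log write.
    SsoServerLoggingHdlrEntryImpl slei = null;
    if (MonitoringUtil.isRunning()) {
        SsoServerLoggingSvcImpl slsi = Agent.getLoggingSvcMBean();
        if (slsi != null) {
            slei = slsi.getHandler(SsoServerLoggingSvcImpl.REMOTE_HANDLER_NAME);
        }
    }
    Logger logger = (Logger) Logger.getLogger(_logname);
    if (Debug.messageEnabled()) {
        Debug.message("LogRecWrite: exec: logname = " + _logname);
    }
    // Only the first element of _records is processed.
    // NOTE(review): these fields are presumably populated from a remote log
    // request; Level.parse throws IllegalArgumentException on an unknown level
    // and that is not caught in this method.
    com.sun.identity.log.service.LogRecord first =
            (com.sun.identity.log.service.LogRecord) _records.elementAt(0);
    Level level = Level.parse(first.level);
    String msg = first.msg;
    Map logInfoMap = first.logInfoMap;
    Object[] parameters = first.parameters;
    try {
        // new String(byte[]) uses the platform default charset.
        // NOTE(review): confirm the encoding the sender uses before pinning one.
        msg = new String(com.sun.identity.shared.encode.Base64.decode(msg));
    } catch (RuntimeException ex) {
        // write msg as it is.
        // NOTE(review): the text is then recorded exactly as supplied; confirm
        // the log handlers neutralise CR/LF so one request cannot produce
        // several log lines.
        if (Debug.messageEnabled()) {
            Debug.message("LogRecWrite: message is not base64 encoded");
        }
    }
    LogRecord rec = new LogRecord(level, msg);
    if (logInfoMap != null) {
        String loginIDSid = (String) logInfoMap.get(LogConstants.LOGIN_ID_SID);
        if (loginIDSid != null && loginIDSid.length() > 0) {
            SSOToken loginIDToken = null;
            try {
                SSOTokenManager ssom = SSOTokenManager.getInstance();
                loginIDToken = ssom.createSSOToken(loginIDSid);
            } catch (SSOException e) {
                if (Debug.warningEnabled()) {
                    Debug.warning("LogService::process(): SSOException", e);
                }
                // The token could not be created: fall back to the info map
                // exactly as it arrived (DATA is not decoded on this path).
                rec.setLogInfoMap(logInfoMap);
            }
            if (loginIDToken != null) {
                // here fill up logInfo into the newlr
                rec = LogSSOTokenDetails.logSSOTokenInfo(rec, loginIDToken);
                // now take the values from logInfoMap one by one and overwrite
                // any value populated from the sso token.
                Iterator i = logInfoMap.keySet().iterator();
                while (i.hasNext()) {
                    String key = (String) i.next();
                    String value = (String) logInfoMap.get(key);
                    if (value == null || value.length() == 0) {
                        continue;
                    }
                    if (key.equalsIgnoreCase(LogConstants.DATA)) {
                        try {
                            value = new String(com.sun.identity.shared.encode.Base64.decode(value));
                        } catch (RuntimeException ex) {
                            // ignore & write msg as it is.
                            if (Debug.messageEnabled()) {
                                Debug.message("LogRecWrite: data is not " + "base64 encoded");
                            }
                        }
                    }
                    rec.addLogInfo(key, value);
                }
            }
        } else {
            rec.setLogInfoMap(logInfoMap);
        }
    }
    rec.addLogInfo(LogConstants.LOG_LEVEL, rec.getLevel().toString());
    rec.setParameters(parameters);
    SSOToken loggedByToken = null;
    String realm = NO_REALM;
    try {
        SSOTokenManager ssom = SSOTokenManager.getInstance();
        loggedByToken = ssom.createSSOToken(_loggedBySid);
        Map<String, Set<String>> appAttributes = IdUtils.getIdentity(loggedByToken).getAttributes();
        realm = getFirstItem(appAttributes.get(EVALUATION_REALM), NO_REALM);
    } catch (IdRepoException | SSOException ssoe) {
        // Processing continues with loggedByToken possibly null and realm
        // left at NO_REALM.
        Debug.error("LogRecWrite: exec:SSOException: ", ssoe);
    }
    // slei stays null when monitoring was off, or the MBean was missing, at the
    // start of the call; check it as well as the running flag so a monitoring
    // start in the middle of the call cannot cause a NullPointerException.
    if (slei != null && MonitoringUtil.isRunning()) {
        slei.incHandlerRequestCount(1);
    }
    auditAccessMessage(auditEventPublisher, auditEventFactory, rec, realm);
    logger.log(rec, loggedByToken);
    // Log file record write okay and return OK
    // NOTE(review): the success counter is incremented whenever logger.log
    // returns; whether the record was accepted is not visible here.
    if (slei != null && MonitoringUtil.isRunning()) {
        slei.incHandlerSuccessCount(1);
    }
    return res;
}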
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) Logger(com.sun.identity.log.Logger) Response(com.iplanet.services.comm.share.Response) LogRecord(com.sun.identity.log.LogRecord) Iterator(java.util.Iterator) Level(java.util.logging.Level) Map(java.util.Map) SsoServerLoggingSvcImpl(com.sun.identity.monitoring.SsoServerLoggingSvcImpl) SsoServerLoggingHdlrEntryImpl(com.sun.identity.monitoring.SsoServerLoggingHdlrEntryImpl)

Example 3 with SsoServerLoggingSvcImpl

use of com.sun.identity.monitoring.SsoServerLoggingSvcImpl in project OpenAM by OpenRock.

the class LogService method process.

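/**
 * The method which accepts the request set, parses the xml request and
 * executes the appropriate log operation.
 *
 * <p>For each request the session id string is cut out of the raw XML text,
 * resolved to an SSO token (restricted to the caller's address) and checked
 * for validity before the request is parsed and executed. An invalid token or
 * an {@code SSOException} ends processing with an "UNAUTHORIZED" response.
 * Any other failure during that check, or a request in which no session id
 * can be located, yields an "ERROR" response for that request, which is then
 * skipped without being executed.
 *
 * @param auditor not used in this method
 * @param requests the log requests to process
 * @param servletRequest used to determine the client address
 * @param servletResponse not used in this method
 * @param servletContext not used in this method
 * @return The response set which contains the result of the log operation.
 */
public ResponseSet process(PLLAuditor auditor, List<Request> requests, HttpServletRequest servletRequest, HttpServletResponse servletResponse, ServletContext servletContext) {
    if (Debug.messageEnabled()) {
        Debug.message("LogService.process() called :requests are");
        for (Request req : requests) {
            // NOTE(review): the request text contains the caller's session id
            // string ("sid="), so message-level debugging writes it to the
            // debug log; treat those logs as sensitive or redact it here.
            Debug.message("xml = " + req.getContent());
        }
    }
    ResponseSet rset = new ResponseSet(LOG_SERVICE);
    for (Request req : requests) {
        String xmlRequestString = req.getContent();
        if ((xmlRequestString == null) || xmlRequestString.equals("null")) {
            Debug.error("Received a null log request");
            rset.addResponse(new Response("NULL_LOG_REQUEST"));
            continue;
        }

        // remember sid string is the last item in the log tag
        int sidi = xmlRequestString.indexOf("sid=");
        int sidj = xmlRequestString.indexOf("</log");
        // The content is client-supplied: if either marker is missing or they
        // are out of order, substring() would throw an unchecked exception out
        // of this method. Answer with an error response instead.
        if (sidi < 0 || sidj < 0 || (sidi + 5) > (sidj - 2)) {
            Debug.error("LogService::process(): malformed log request, no sid found");
            rset.addResponse(new Response("ERROR"));
            continue;
        }
        // Validate a local copy so the value checked below cannot change under
        // us; the field is still assigned as before.
        // NOTE(review): loggedBySid is declared outside this method; if this
        // object serves concurrent requests the field is shared state.
        // NOTE(review): the sid checked here is cut out of the raw text, while
        // the operation executed further down is built by the parser from the
        // same text; confirm both always refer to the same session id.
        final String sid = xmlRequestString.substring(sidi + 5, sidj - 2);
        loggedBySid = sid;

        try {
            //NOTE source ip address restrictions are temporary kludge
            // for 6.1 session hijacking hotpatch
            InetAddress remoteClient = SessionUtils.getClientAddress(servletRequest);
            SSOToken ssoToken = RestrictedTokenHelper.resolveRestrictedToken(sid, remoteClient);
            SSOTokenManager ssom = SSOTokenManager.getInstance();
            if (!ssom.isValidToken(ssoToken)) {
                String loggedByID = ssoToken.getPrincipal().getName();
                Debug.error("LogService::process(): access denied for" + " user :" + loggedByID);
                rset.addResponse(new Response("UNAUTHORIZED"));
                return rset;
            }
        } catch (SSOException e) {
            Debug.error("LogService::process(): SSOException", e);
            rset.addResponse(new Response("UNAUTHORIZED"));
            return rset;
        } catch (Exception e) {
            Debug.error("LogService::process(): ", e);
            rset.addResponse(new Response("ERROR"));
            // Fail closed: the token was never confirmed valid, so the request
            // must not be executed. Previously control fell through to the
            // parse/execute step and a second response was added for the same
            // request.
            continue;
        }

        Response res;
        try {
            ByteArrayInputStream bin = new ByteArrayInputStream(xmlRequestString.getBytes("UTF-8"));
            // NOTE(review): parser is configured outside this method; since it
            // reads client-supplied XML, confirm DTDs and external entities
            // are disabled on it.
            LogOperation op = (LogOperation) parser.parse(bin);
            res = op.execute(auditEventPublisher, auditEventFactory);
        } catch (Exception e) {
            Debug.error("LogService::process():", e);
            // FORMAT ERROR RESPONSE HERE
            res = new Response("ERROR");
            if (MonitoringUtil.isRunning()) {
                // Null-check both lookups so that a missing MBean cannot throw
                // from inside this handler and lose the error response.
                SsoServerLoggingSvcImpl slsi = Agent.getLoggingSvcMBean();
                if (slsi != null) {
                    SsoServerLoggingHdlrEntryImpl slei = slsi.getHandler(SsoServerLoggingSvcImpl.REMOTE_HANDLER_NAME);
                    if (slei != null) {
                        slei.incHandlerFailureCount(1);
                    }
                }
            }
        }
        rset.addResponse(res);
    }
    return rset;
}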
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) SSOToken(com.iplanet.sso.SSOToken) Request(com.iplanet.services.comm.share.Request) HttpServletRequest(javax.servlet.http.HttpServletRequest) ResponseSet(com.iplanet.services.comm.share.ResponseSet) SSOException(com.iplanet.sso.SSOException) SSOException(com.iplanet.sso.SSOException) HttpServletResponse(javax.servlet.http.HttpServletResponse) Response(com.iplanet.services.comm.share.Response) ByteArrayInputStream(java.io.ByteArrayInputStream) InetAddress(java.net.InetAddress) SsoServerLoggingSvcImpl(com.sun.identity.monitoring.SsoServerLoggingSvcImpl) SsoServerLoggingHdlrEntryImpl(com.sun.identity.monitoring.SsoServerLoggingHdlrEntryImpl)

Aggregations

SsoServerLoggingHdlrEntryImpl (com.sun.identity.monitoring.SsoServerLoggingHdlrEntryImpl)3 SsoServerLoggingSvcImpl (com.sun.identity.monitoring.SsoServerLoggingSvcImpl)3 Response (com.iplanet.services.comm.share.Response)2 SSOException (com.iplanet.sso.SSOException)2 SSOToken (com.iplanet.sso.SSOToken)2 SSOTokenManager (com.iplanet.sso.SSOTokenManager)2 Request (com.iplanet.services.comm.share.Request)1 ResponseSet (com.iplanet.services.comm.share.ResponseSet)1 IdRepoException (com.sun.identity.idm.IdRepoException)1 LogRecord (com.sun.identity.log.LogRecord)1 Logger (com.sun.identity.log.Logger)1 ByteArrayInputStream (java.io.ByteArrayInputStream)1 InetAddress (java.net.InetAddress)1 Iterator (java.util.Iterator)1 Map (java.util.Map)1 Set (java.util.Set)1 Level (java.util.logging.Level)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1