Example 6 with SecurityEventAuditRecord

Use of org.cloudfoundry.credhub.domain.SecurityEventAuditRecord in project credhub by cloudfoundry-incubator.

Class SecurityEventsLogServiceTest, method log_whenTheQueryParamStringIsEmpty_shouldSpecifyOnlyThePathInTheRequest.

@Test
public void log_whenTheQueryParamStringIsEmpty_shouldSpecifyOnlyThePathInTheRequest() {
    // Empty query string: the audit record carries only the path.
    RequestAuditRecord requestAuditRecord = makeOperationAuditRecord("", AUTH_METHOD_UAA);
    subject.log(new SecurityEventAuditRecord(requestAuditRecord, "actor-id"));
    assertThat(fakeVersion, notNullValue());
    assertThat(fakeVersion.length(), greaterThan(0));
    // The logged request field is the bare path, followed directly by requestMethod.
    verify(securityEventsLogger).info(contains("request=/api/some-path requestMethod=GET"));
}
Also used: SecurityEventAuditRecord (org.cloudfoundry.credhub.domain.SecurityEventAuditRecord), RequestAuditRecord (org.cloudfoundry.credhub.entity.RequestAuditRecord), Test (org.junit.Test)

Example 7 with SecurityEventAuditRecord

Use of org.cloudfoundry.credhub.domain.SecurityEventAuditRecord in project credhub by cloudfoundry-incubator.

Class SecurityEventsLogServiceTest, method log_whenTheQueryParamStringIsNull_shouldSpecifyOnlyThePathInTheRequest.

@Test
public void log_whenTheQueryParamStringIsNull_shouldSpecifyOnlyThePathInTheRequest() {
    // Null query string: handled the same way as an empty one.
    RequestAuditRecord requestAuditRecord = makeOperationAuditRecord(null, AUTH_METHOD_UAA);
    subject.log(new SecurityEventAuditRecord(requestAuditRecord, "actor-id"));
    assertThat(fakeVersion, notNullValue());
    assertThat(fakeVersion.length(), greaterThan(0));
    // The logged request field is the bare path, followed directly by requestMethod.
    verify(securityEventsLogger).info(contains("request=/api/some-path requestMethod=GET"));
}
Also used: SecurityEventAuditRecord (org.cloudfoundry.credhub.domain.SecurityEventAuditRecord), RequestAuditRecord (org.cloudfoundry.credhub.entity.RequestAuditRecord), Test (org.junit.Test)

Example 8 with SecurityEventAuditRecord

Use of org.cloudfoundry.credhub.domain.SecurityEventAuditRecord in project credhub by cloudfoundry-incubator.

Class SecurityEventsLogServiceTest, method log_shouldLogAnOperationAuditRecordToTheSysLogWhenUsingOAuth.

@Test
public void log_shouldLogAnOperationAuditRecordToTheSysLogWhenUsingOAuth() {
    RequestAuditRecord requestAuditRecord = makeOperationAuditRecord("foo=bar", AUTH_METHOD_UAA);
    subject.log(new SecurityEventAuditRecord(requestAuditRecord, "actor-id"));
    // The full CEF line: pipe-delimited header fields, then space-separated key=value extensions.
    verify(securityEventsLogger).info("CEF:0|cloud_foundry|credhub|" + fakeVersion
        + "|GET /api/some-path|" + "GET /api/some-path|0|rt=" + String.valueOf(now.toEpochMilli())
        + " suser=user-name " + "suid=actor-id "
        + "cs1Label=userAuthenticationMechanism " + "cs1=oauth-access-token "
        + "request=/api/some-path?foo=bar " + "requestMethod=GET "
        + "cs3Label=result " + "cs3=success "
        + "cs4Label=httpStatusCode " + "cs4=200 "
        + "src=127.0.0.1 " + "dst=host.example.com");
}
Also used: SecurityEventAuditRecord (org.cloudfoundry.credhub.domain.SecurityEventAuditRecord), RequestAuditRecord (org.cloudfoundry.credhub.entity.RequestAuditRecord), Test (org.junit.Test)

Aggregations

SecurityEventAuditRecord (org.cloudfoundry.credhub.domain.SecurityEventAuditRecord): 8
RequestAuditRecord (org.cloudfoundry.credhub.entity.RequestAuditRecord): 8
Test (org.junit.Test): 6
Principal (java.security.Principal): 1
HttpServletRequest (javax.servlet.http.HttpServletRequest): 1
HttpServletResponse (javax.servlet.http.HttpServletResponse): 1
UserContext (org.cloudfoundry.credhub.auth.UserContext): 1
Authentication (org.springframework.security.core.Authentication): 1