Example 6 with AuditEvent
use of org.forgerock.audit.events.AuditEvent in project OpenAM by OpenRock.
the class AMAccessAuditEventBuilderTest method canBuildAccessAuditEventWithContext.
@Test
public void canBuildAccessAuditEventWithContext() throws Exception {
AuditEvent accessEvent = new AMAccessAuditEventBuilder().timestamp(1436389263629L).eventName(EventName.AM_ACCESS_ATTEMPT).component(Component.AUDIT).transactionId("ad1f26e3-1ced-418d-b6ec-c8488411a625").userId("id=amadmin,ou=user,dc=openam,dc=forgerock,dc=org").trackingId("12345").client("172.16.101.7", 62375).server("216.58.208.36", 80).request("CREST", "READ").httpRequest(false, "GET", "/some/path", getQueryParameters(), getHeaders()).response(SUCCESSFUL, "200", 42, MILLISECONDS).toEvent();
assertJsonValue(accessEvent.getValue(), "/access-event.json");
}
Also used :
AuditEvent(org.forgerock.audit.events.AuditEvent)
Test(org.testng.annotations.Test)
Example 7 with AuditEvent
use of org.forgerock.audit.events.AuditEvent in project OpenAM by OpenRock.
the class AbstractHttpAccessAuditFilterTest method shouldAuditAccessAttemptAndResult.
@Test(dataProvider = "handlerResponses")
public void shouldAuditAccessAttemptAndResult(Status responseStatus) throws AuditException {
//Given
Context context = new RequestAuditContext(mockContext());
Request request = new Request().setMethod("GET").setUri(URI.create("http://example.com:8080?query=value"));
request.getHeaders().put(ContentTypeHeader.valueOf("CONTENT_TYPE"));
enableAccessTopicAuditing();
Handler handler = mockHandler(context, request, responseStatus);
//When
auditFilter.filter(context, request, handler);
//Then
ArgumentCaptor<AuditEvent> auditEventCaptor = ArgumentCaptor.forClass(AuditEvent.class);
verify(eventPublisher, times(2)).tryPublish(eq(AuditConstants.ACCESS_TOPIC), auditEventCaptor.capture());
verifyAccessAttemptAuditEvent(auditEventCaptor.getAllValues().get(0).getValue());
if (responseStatus.isSuccessful()) {
verifyAccessSuccessAuditEvent(auditEventCaptor.getAllValues().get(1).getValue());
} else {
verifyAccessFailedAuditEvent(auditEventCaptor.getAllValues().get(1).getValue());
}
}
Also used :
RootContext(org.forgerock.services.context.RootContext)
ClientContext(org.forgerock.services.context.ClientContext)
RequestAuditContext(org.forgerock.services.context.RequestAuditContext)
Context(org.forgerock.services.context.Context)
AuditRequestContext(org.forgerock.openam.audit.context.AuditRequestContext)
SessionContext(org.forgerock.http.session.SessionContext)
AttributesContext(org.forgerock.services.context.AttributesContext)
RequestAuditContext(org.forgerock.services.context.RequestAuditContext)
Request(org.forgerock.http.protocol.Request)
Handler(org.forgerock.http.Handler)
AuditEvent(org.forgerock.audit.events.AuditEvent)
Test(org.testng.annotations.Test)
Example 8 with AuditEvent
use of org.forgerock.audit.events.AuditEvent in project OpenAM by OpenRock.
the class AuditEventPublisherImplTest method publishesProvidedAuditEventToAuditService.
@Test
public void publishesProvidedAuditEventToAuditService() throws Exception {
// Given
AuditEvent auditEvent = getAuditEvent(null);
givenDefaultAuditService();
when(mockHandler.publishEvent(any(Context.class), eq("access"), auditEventCaptor.capture())).thenReturn(dummyPromise);
// When
auditEventPublisher.tryPublish("access", auditEvent);
// Then
verify(mockHandler, times(1)).publishEvent(any(Context.class), any(String.class), any(JsonValue.class));
assertThat(auditEventCaptor.getValue()).isEqualTo(auditEvent.getValue());
}
Also used :
Context(org.forgerock.services.context.Context)
JsonValue(org.forgerock.json.JsonValue)
AuditEvent(org.forgerock.audit.events.AuditEvent)
Test(org.testng.annotations.Test)
Example 9 with AuditEvent
use of org.forgerock.audit.events.AuditEvent in project OpenAM by OpenRock.
the class AuditEventPublisherImplTest method shouldFallBackToDefaultAuditServiceWhenRealmHasShutDown.
@Test
public void shouldFallBackToDefaultAuditServiceWhenRealmHasShutDown() throws Exception {
// Given
AuditEvent auditEvent = getAuditEvent("deadRealm");
givenDefaultAuditService();
when(mockHandler.publishEvent(any(Context.class), eq("access"), auditEventCaptor.capture())).thenReturn(dummyPromise);
AMAuditServiceConfiguration serviceConfig = new AMAuditServiceConfiguration(true);
AuditServiceBuilder builder = AuditServiceBuilder.newAuditService().withConfiguration(serviceConfig).withAuditEventHandler(mock(AuditEventHandler.class));
AMAuditService auditService = new RealmAuditServiceProxy(builder.build(), mock(AMAuditService.class), serviceConfig);
auditService.startup();
auditService.shutdown();
when(auditServiceProvider.getAuditService("deadRealm")).thenReturn(auditService);
// When
auditEventPublisher.tryPublish("access", auditEvent);
// Then
assertThat(auditEventCaptor.getValue()).isEqualTo(auditEvent.getValue());
}
Also used :
Context(org.forgerock.services.context.Context)
AuditServiceBuilder(org.forgerock.audit.AuditServiceBuilder)
AuditEvent(org.forgerock.audit.events.AuditEvent)
AuditEventHandler(org.forgerock.audit.events.handlers.AuditEventHandler)
AMAuditServiceConfiguration(org.forgerock.openam.audit.configuration.AMAuditServiceConfiguration)
Test(org.testng.annotations.Test)
Example 10 with AuditEvent
use of org.forgerock.audit.events.AuditEvent in project OpenAM by OpenRock.
the class PLLAuditor method auditAccessFailure.
/**
* Publishes an event with details of the failed CREST operation, if the 'access' topic is audited.
* <p/>
* Any exception that occurs while trying to publish the audit event will be
* captured in the debug logs but otherwise ignored.
*
* @param errorCode A unique code that identifies the error condition.
* @param message A human-readable description of the error that occurred.
*/
public void auditAccessFailure(String errorCode, String message) {
if (!accessAttemptAudited) {
auditAccessAttempt();
}
if (auditEventPublisher.isAuditing(realm, ACCESS_TOPIC, EventName.AM_ACCESS_OUTCOME)) {
final long endTime = System.currentTimeMillis();
final long elapsedTime = endTime - startTime;
final JsonValue detail = json(object(field(ACCESS_RESPONSE_DETAIL_REASON, message)));
AuditEvent auditEvent = auditEventFactory.accessEvent(realm).forHttpServletRequest(httpServletRequest).timestamp(endTime).transactionId(AuditRequestContext.getTransactionIdValue()).eventName(EventName.AM_ACCESS_OUTCOME).component(component).responseWithDetail(FAILED, errorCode, elapsedTime, MILLISECONDS, detail).userId(userId).request(PLL, method).trackingId(trackingId).toEvent();
auditEventPublisher.tryPublish(ACCESS_TOPIC, auditEvent);
reset();
}
}
Also used :
JsonValue(org.forgerock.json.JsonValue)
AuditEvent(org.forgerock.audit.events.AuditEvent)
Aggregations
AuditEvent (org.forgerock.audit.events.AuditEvent)24
Test (org.testng.annotations.Test)13
JsonValue (org.forgerock.json.JsonValue)6
Map (java.util.Map)3
AMAccessAuditEventBuilder (org.forgerock.openam.audit.AMAccessAuditEventBuilder)3
Context (org.forgerock.services.context.Context)3
Date (java.util.Date)2
ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2
Request (org.restlet.Request)2
Response (org.restlet.Response)2
JsonRepresentation (org.restlet.ext.json.JsonRepresentation)2
LogExtracts (com.sun.identity.log.service.AgentLogParser.LogExtracts)1
URL (java.net.URL)1
List (java.util.List)1
AuditServiceBuilder (org.forgerock.audit.AuditServiceBuilder)1
AuditEventHandler (org.forgerock.audit.events.handlers.AuditEventHandler)1
Handler (org.forgerock.http.Handler)1
Request (org.forgerock.http.protocol.Request)1
SessionContext (org.forgerock.http.session.SessionContext)1
AMAuditServiceConfiguration (org.forgerock.openam.audit.configuration.AMAuditServiceConfiguration)1
