Example 11 with AuditEvent
use of org.forgerock.audit.events.AuditEvent in project OpenAM by OpenRock.
the class AMAccessAuditEventBuilderTest method canBuildAccessAuditEventWithContexts.
@Test
public void canBuildAccessAuditEventWithContexts() throws Exception {
AuditEvent accessEvent = new AMAccessAuditEventBuilder().timestamp(1436389263629L).eventName(EventName.AM_ACCESS_ATTEMPT).component(Component.AUDIT).transactionId("ad1f26e3-1ced-418d-b6ec-c8488411a625").userId("id=amadmin,ou=user,dc=openam,dc=forgerock,dc=org").trackingId("12345").client("172.16.101.7", 62375).server("216.58.208.36", 80).request("CREST", "READ").httpRequest(false, "GET", "/some/path", getQueryParameters(), getHeaders()).response(SUCCESSFUL, "200", 42, MILLISECONDS).toEvent();
assertJsonValue(accessEvent.getValue(), "/access-event.json");
}
Also used :
AuditEvent(org.forgerock.audit.events.AuditEvent)
Test(org.testng.annotations.Test)
Example 12 with AuditEvent
use of org.forgerock.audit.events.AuditEvent in project OpenAM by OpenRock.
the class AMAccessAuditEventBuilderTest method canHandleNullComponent.
@Test
public void canHandleNullComponent() {
AuditEvent accessEvent = new AMAccessAuditEventBuilder().timestamp(1436389263629L).eventName(EventName.AM_ACCESS_ATTEMPT).transactionId("ad1f26e3-1ced-418d-b6ec-c8488411a625").realm(null).component(null).toEvent();
assertThat(accessEvent).isNotNull();
}
Also used :
AuditEvent(org.forgerock.audit.events.AuditEvent)
Test(org.testng.annotations.Test)
Example 13 with AuditEvent
use of org.forgerock.audit.events.AuditEvent in project OpenAM by OpenRock.
the class PLLAuditor method auditAccessAttempt.
/**
* Publishes an audit event with details of the attempted CREST operation, if the 'access' topic is audited.
*
* @throws AuditException If an exception occurred that prevented the audit event from being published.
*/
public void auditAccessAttempt() {
if (auditEventPublisher.isAuditing(realm, ACCESS_TOPIC, EventName.AM_ACCESS_ATTEMPT)) {
AuditEvent auditEvent = auditEventFactory.accessEvent(realm).forHttpServletRequest(httpServletRequest).timestamp(startTime).transactionId(AuditRequestContext.getTransactionIdValue()).eventName(EventName.AM_ACCESS_ATTEMPT).component(component).userId(userId).request(PLL, method).trackingId(trackingId).toEvent();
auditEventPublisher.tryPublish(ACCESS_TOPIC, auditEvent);
}
accessAttemptAudited = true;
}
Also used :
AuditEvent(org.forgerock.audit.events.AuditEvent)
Example 14 with AuditEvent
use of org.forgerock.audit.events.AuditEvent in project OpenAM by OpenRock.
the class PLLAuditor method auditAccessSuccess.
/**
* Publishes an event with details of the successfully completed CREST operation, if the 'access' topic is audited.
* <p/>
* Any exception that occurs while trying to publish the audit event will be
* captured in the debug logs but otherwise ignored.
*/
public void auditAccessSuccess() {
if (!accessAttemptAudited) {
auditAccessAttempt();
}
if (auditEventPublisher.isAuditing(realm, ACCESS_TOPIC, EventName.AM_ACCESS_OUTCOME)) {
final long endTime = System.currentTimeMillis();
final long elapsedTime = endTime - startTime;
AuditEvent auditEvent = auditEventFactory.accessEvent(realm).forHttpServletRequest(httpServletRequest).timestamp(endTime).transactionId(AuditRequestContext.getTransactionIdValue()).eventName(EventName.AM_ACCESS_OUTCOME).component(component).response(SUCCESSFUL, "", elapsedTime, MILLISECONDS).userId(userId).request(PLL, method).trackingId(trackingId).toEvent();
auditEventPublisher.tryPublish(ACCESS_TOPIC, auditEvent);
reset();
}
}
Also used :
AuditEvent(org.forgerock.audit.events.AuditEvent)
Example 15 with AuditEvent
use of org.forgerock.audit.events.AuditEvent in project OpenAM by OpenRock.
the class AuditEventPublisherTest method publishesAuditEventsToAMAuditServiceEndpoint.
@Test
public void publishesAuditEventsToAMAuditServiceEndpoint() throws Exception {
ArgumentCaptor<URL> urlCaptor = ArgumentCaptor.forClass(URL.class);
ArgumentCaptor<Map> headersCaptor = ArgumentCaptor.forClass(Map.class);
ArgumentCaptor<String> methodCaptor = ArgumentCaptor.forClass(String.class);
ArgumentCaptor<String> payloadCaptor = ArgumentCaptor.forClass(String.class);
// Given
AuditEvent auditEvent = mockAuditEvent("event-as-json");
HttpURLConnectionWrapper httpURLConnectionWrapper = mockHttpURLConnectionWrapper(headersCaptor, methodCaptor, payloadCaptor);
given(soapSTSAccessTokenProvider.getAccessToken()).willReturn("ssoTokenId");
given(httpURLConnectionWrapperFactory.httpURLConnectionWrapper(urlCaptor.capture())).willReturn(httpURLConnectionWrapper);
// When
auditEventPublisher.tryPublish(AuditConstants.ACCESS_TOPIC, auditEvent);
// Then
verify(soapSTSAccessTokenProvider, times(1)).getAccessToken();
assertThat(urlCaptor.getValue()).isEqualTo(new URL("http://openam.example.com:8080/openam/json/audit/access/?_action=create"));
assertThat(headersCaptor.getValue().get(AMSTSConstants.CONTENT_TYPE)).isEqualTo(AMSTSConstants.APPLICATION_JSON);
assertThat(headersCaptor.getValue().get(AMSTSConstants.CREST_VERSION_HEADER_KEY)).isEqualTo("protocol=1.0, resource=1.0");
assertThat(headersCaptor.getValue().get(AMSTSConstants.COOKIE)).isEqualTo("iPlanetDirectoryPro=ssoTokenId");
assertThat(methodCaptor.getValue()).isEqualToIgnoringCase(AMSTSConstants.GET);
assertThat(payloadCaptor.getValue()).isEqualToIgnoringCase("event-as-json");
verify(soapSTSAccessTokenProvider, times(1)).invalidateAccessToken("ssoTokenId");
}
Also used :
HttpURLConnectionWrapper(org.forgerock.openam.sts.HttpURLConnectionWrapper)
AuditEvent(org.forgerock.audit.events.AuditEvent)
Map(java.util.Map)
URL(java.net.URL)
Test(org.testng.annotations.Test)
Aggregations
AuditEvent (org.forgerock.audit.events.AuditEvent)24
Test (org.testng.annotations.Test)13
JsonValue (org.forgerock.json.JsonValue)6
Map (java.util.Map)3
AMAccessAuditEventBuilder (org.forgerock.openam.audit.AMAccessAuditEventBuilder)3
Context (org.forgerock.services.context.Context)3
Date (java.util.Date)2
ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2
Request (org.restlet.Request)2
Response (org.restlet.Response)2
JsonRepresentation (org.restlet.ext.json.JsonRepresentation)2
LogExtracts (com.sun.identity.log.service.AgentLogParser.LogExtracts)1
URL (java.net.URL)1
List (java.util.List)1
AuditServiceBuilder (org.forgerock.audit.AuditServiceBuilder)1
AuditEventHandler (org.forgerock.audit.events.handlers.AuditEventHandler)1
Handler (org.forgerock.http.Handler)1
Request (org.forgerock.http.protocol.Request)1
SessionContext (org.forgerock.http.session.SessionContext)1
AMAuditServiceConfiguration (org.forgerock.openam.audit.configuration.AMAuditServiceConfiguration)1
