Example 1 with RequestAuditContext

Use of org.forgerock.services.context.RequestAuditContext in project OpenAM by OpenRock.

From the class RestRouterIT, method mockContext.

private Context mockContext(Context parent) {
    if (parent == null) {
        parent = new RootContext();
    }
    AttributesContext httpRequestContext = new AttributesContext(new SessionContext(parent, mock(Session.class)));
    HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
    httpRequestContext.getAttributes().put(HttpServletRequest.class.getName(), httpServletRequest);
    return new RequestAuditContext(httpRequestContext);
}
Also used: RootContext (org.forgerock.services.context.RootContext), HttpServletRequest (javax.servlet.http.HttpServletRequest), RequestAuditContext (org.forgerock.services.context.RequestAuditContext), AttributesContext (org.forgerock.services.context.AttributesContext), SessionContext (org.forgerock.http.session.SessionContext)

Example 2 with RequestAuditContext

Use of org.forgerock.services.context.RequestAuditContext in project OpenAM by OpenRock.

From the class AuditTestUtils, method mockAuditContext.

public static Context mockAuditContext() throws Exception {
    final Context httpContext = new HttpContext(jsonFromFile("/org/forgerock/openam/rest/fluent/httpContext.json"), AbstractAuditFilterTest.class.getClassLoader());
    final Subject callerSubject = new Subject();
    final Context securityContext = new SecurityContext(httpContext, null, null);
    final Context subjectContext = new SSOTokenContext(mock(Debug.class), null, securityContext) {

        @Override
        public Subject getCallerSubject() {
            return callerSubject;
        }

        @Override
        public SSOToken getCallerSSOToken() {
            SSOToken token = mock(SSOToken.class);
            try {
                given(token.getProperty(Constants.AM_CTX_ID)).willReturn("TRACKING_ID");
                given(token.getProperty(Constants.UNIVERSAL_IDENTIFIER)).willReturn("USER_ID");
            } catch (SSOException e) {
                // won't happen - it's a mock
            }
            return token;
        }
    };
    final Context clientContext = ClientContext.newInternalClientContext(subjectContext);
    return new RequestAuditContext(new AuditInfoContext(clientContext, AuditConstants.Component.AUDIT));
}
Also used: SecurityContext (org.forgerock.services.context.SecurityContext), HttpContext (org.forgerock.json.resource.http.HttpContext), AuditInfoContext (org.forgerock.openam.rest.resource.AuditInfoContext), Context (org.forgerock.services.context.Context), ClientContext (org.forgerock.services.context.ClientContext), RequestAuditContext (org.forgerock.services.context.RequestAuditContext), SSOTokenContext (org.forgerock.openam.rest.resource.SSOTokenContext), SSOToken (com.iplanet.sso.SSOToken), SSOException (com.iplanet.sso.SSOException), Subject (javax.security.auth.Subject), Debug (com.sun.identity.shared.debug.Debug)

Example 3 with RequestAuditContext

Use of org.forgerock.services.context.RequestAuditContext in project OpenAM by OpenRock.

From the class AbstractHttpAccessAuditFilterTest, method shouldAuditAccessAttemptAndResult.

@Test(dataProvider = "handlerResponses")
public void shouldAuditAccessAttemptAndResult(Status responseStatus) throws AuditException {
    //Given
    Context context = new RequestAuditContext(mockContext());
    Request request = new Request().setMethod("GET").setUri(URI.create("http://example.com:8080?query=value"));
    request.getHeaders().put(ContentTypeHeader.valueOf("CONTENT_TYPE"));
    enableAccessTopicAuditing();
    Handler handler = mockHandler(context, request, responseStatus);
    //When
    auditFilter.filter(context, request, handler);
    //Then
    ArgumentCaptor<AuditEvent> auditEventCaptor = ArgumentCaptor.forClass(AuditEvent.class);
    verify(eventPublisher, times(2)).tryPublish(eq(AuditConstants.ACCESS_TOPIC), auditEventCaptor.capture());
    verifyAccessAttemptAuditEvent(auditEventCaptor.getAllValues().get(0).getValue());
    if (responseStatus.isSuccessful()) {
        verifyAccessSuccessAuditEvent(auditEventCaptor.getAllValues().get(1).getValue());
    } else {
        verifyAccessFailedAuditEvent(auditEventCaptor.getAllValues().get(1).getValue());
    }
}
Also used: RootContext (org.forgerock.services.context.RootContext), ClientContext (org.forgerock.services.context.ClientContext), RequestAuditContext (org.forgerock.services.context.RequestAuditContext), Context (org.forgerock.services.context.Context), AuditRequestContext (org.forgerock.openam.audit.context.AuditRequestContext), SessionContext (org.forgerock.http.session.SessionContext), AttributesContext (org.forgerock.services.context.AttributesContext), Request (org.forgerock.http.protocol.Request), Handler (org.forgerock.http.Handler), AuditEvent (org.forgerock.audit.events.AuditEvent), Test (org.testng.annotations.Test)

Example 4 with RequestAuditContext

Use of org.forgerock.services.context.RequestAuditContext in project OpenAM by OpenRock.

From the class AbstractHttpAccessAuditFilterTest, method shouldNotAuditIfAuditingIsNotEnabledForAccessTopic.

@Test(dataProvider = "handlerResponses")
public void shouldNotAuditIfAuditingIsNotEnabledForAccessTopic(Status responseStatus) throws AuditException {
    //Given
    Context context = new RequestAuditContext(mockContext());
    Request request = new Request().setUri(URI.create("http://example.com"));
    disableAccessTopicAuditing();
    Handler handler = mockHandler(context, request, responseStatus);
    //When
    auditFilter.filter(context, request, handler);
    //Then
    verify(eventPublisher, never()).tryPublish(anyString(), any(AuditEvent.class));
}
Also used: RootContext (org.forgerock.services.context.RootContext), ClientContext (org.forgerock.services.context.ClientContext), RequestAuditContext (org.forgerock.services.context.RequestAuditContext), Context (org.forgerock.services.context.Context), AuditRequestContext (org.forgerock.openam.audit.context.AuditRequestContext), SessionContext (org.forgerock.http.session.SessionContext), AttributesContext (org.forgerock.services.context.AttributesContext), Request (org.forgerock.http.protocol.Request), Handler (org.forgerock.http.Handler), AuditEvent (org.forgerock.audit.events.AuditEvent), Test (org.testng.annotations.Test)

Aggregations

RequestAuditContext (org.forgerock.services.context.RequestAuditContext): 4
SessionContext (org.forgerock.http.session.SessionContext): 3
AttributesContext (org.forgerock.services.context.AttributesContext): 3
ClientContext (org.forgerock.services.context.ClientContext): 3
Context (org.forgerock.services.context.Context): 3
RootContext (org.forgerock.services.context.RootContext): 3
AuditEvent (org.forgerock.audit.events.AuditEvent): 2
Handler (org.forgerock.http.Handler): 2
Request (org.forgerock.http.protocol.Request): 2
AuditRequestContext (org.forgerock.openam.audit.context.AuditRequestContext): 2
Test (org.testng.annotations.Test): 2
SSOException (com.iplanet.sso.SSOException): 1
SSOToken (com.iplanet.sso.SSOToken): 1
Debug (com.sun.identity.shared.debug.Debug): 1
Subject (javax.security.auth.Subject): 1
HttpServletRequest (javax.servlet.http.HttpServletRequest): 1
HttpContext (org.forgerock.json.resource.http.HttpContext): 1
AuditInfoContext (org.forgerock.openam.rest.resource.AuditInfoContext): 1
SSOTokenContext (org.forgerock.openam.rest.resource.SSOTokenContext): 1
SecurityContext (org.forgerock.services.context.SecurityContext): 1