Chapter 5. Audit Manager
The Audit Manager interface audits security information. The interface is as follows:
package org.jboss.security.audit; /** * An interface that defines the Security Audit Service */ public interface AuditManager { /** * Audits the information available in the audit event * @param ae the Audit Event * @see AuditEvent */ public void audit(AuditEvent ae); }
The
AuditEvent
is the container object for the audit information. The interface looks like this:
package org.jboss.security.audit; /** * Holds audit information */ public class AuditEvent { private String auditLevel = AuditLevel.INFO; private Map<String,Object> contextMap = new HashMap<String,Object>(); private Exception underlyingException = null; public AuditEvent(String level) { this.auditLevel = level; } public AuditEvent(String level, Map<String,Object> map) { this(level); this.contextMap = map; } public AuditEvent(String level, Map<String,Object> map, Exception ex) { this(level,map); this.underlyingException = ex; } /** * Return the Audit Level * @return */ public String getAuditLevel() { return this.auditLevel; } /** * Get the Contextual Map * @return Map that is final */ public Map getContextMap() { return contextMap; } /** * Set a non-modifiable Context Map * @param cmap Map that is final */ public void setContextMap(final Map<String,Object> cmap) { this.contextMap = cmap; } /** * Get the Exception part of the audit * @return */ public Exception getUnderlyingException() { return underlyingException; } /** * Set the exception on which an audit is happening * @param underlyingException */ public void setUnderlyingException(Exception underlyingException) { this.underlyingException = underlyingException; } public String toString() { StringBuilder sbu = new StringBuilder(); sbu.append("[").append(auditLevel).append("]"); sbu.append(dissectContextMap()); return sbu.toString(); } }
The
AuditEvent
contains a context map and an optional exception. This information should be set by the process that uses the auditing framework. The AuditLevel
defines the level of severity.
package org.jboss.security.audit; /** * Defines the Audit Levels of Severity */ public interface AuditLevel { /** Denotes situations where there has been a server exception */ String ERROR = "Error"; /** Denotes situations when there has been a failed attempt */ String FAILURE = "Failure"; String SUCCESS = "Success"; /** Information is passed into the audit logs */ String INFO = "Info"; }
The
AuditContext
is a set of AuditProvider
s. The interface for an AuditProvider
looks like this:
package org.jboss.security.audit; /** * Audit Provider that can log audit events to an external * log file */ public interface AuditProvider { /** * Performs an audit of the event passed * A provider can log the audit as required. * @param ae audit event that holds information on the audit * @see AuditEvent */ public void audit(AuditEvent ae); }