Chapter 17. Example of Auditing
The following is a test case for the default implementation's
JBossAuditManager.
package org.jboss.test.audit;
import org.jboss.security.SecurityContext;
import org.jboss.security.audit.AuditEvent;
import org.jboss.security.audit.AuditLevel;
import org.jboss.security.audit.AuditManager;
import org.jboss.security.audit.config.AuditProviderEntry;
import org.jboss.security.config.ApplicationPolicy;
import org.jboss.security.config.AuditInfo;
import org.jboss.security.config.SecurityConfiguration;
import org.jboss.security.plugins.SecurityContextFactory;
import junit.framework.TestCase;
/**
* Tests for the Auditing Layer
*/
public class AuditUnitTestCase extends TestCase
{
@Override
protected void setUp() throws Exception
{
super.setUp();
setUpSecurityConfiguration();
}
/**
* We invoke the AuditManager on the security context to audit
* a particular AuditEvent. The AuditManager is configured with a
* test logging provider, which places the event on a thread-local
* of a static class. The test then checks the thread-local for
* the audit event.
*/
public void testAuditConfiguration()
{
SecurityContext sc = SecurityContextFactory.createSecurityContext("test");
AuditManager am = sc.getAuditManager();
AuditEvent ae = new AuditEvent(AuditLevel.ERROR);
am.audit(ae);
//Now check that the Audit Event has been placed on the thread local
//by our TestAuditProvider
AuditEvent aev = (AuditEvent) AuditTestAssociation.auditEventLocal.get();
assertEquals("Audit events are the same", ae, aev);
}
private void setUpSecurityConfiguration()
{
String p = TestAuditProvider.class.getName();
ApplicationPolicy ap = new ApplicationPolicy("test");
AuditInfo auditInfo = new AuditInfo("test");
AuditProviderEntry ape = new AuditProviderEntry(p);
auditInfo.add(ape);
ap.setAuditInfo(auditInfo);
SecurityConfiguration.addApplicationPolicy(ap);
}
}
The
TestAuditProvider class interface looks like this:
package org.jboss.test.audit;
import org.jboss.security.audit.AbstractAuditProvider;
import org.jboss.security.audit.AuditEvent;
//$Id$
/**
* Test Audit Provider that places the Audit Event on the
* thread local of AuditTestAssociation
*/
public class TestAuditProvider extends AbstractAuditProvider
{
public TestAuditProvider()
{
}
@Override
public void audit(AuditEvent ae)
{
AuditTestAssociation.auditEventLocal.set(ae);
}
}
The
AuditTestAssociation class has a thread-local.
package org.jboss.test.audit;
/**
* A test class that stores a static thread-local
*/
public class AuditTestAssociation
{
public static ThreadLocal auditEventLocal = new ThreadLocal();
}
