Class SecurityAuditManager


  • public class SecurityAuditManager
    extends Object
    The SecurityAuditManager manages the SecurityAuditProvider configured for this server, and provides a proper conduit for making security log entries and looking them up. Ideally there is no reason for outside classes to interact directly with a provider. The provider can be specified in system properties by adding:
    • provider.securityAudit.className = my.security.audit.provider
    Author:
    Daniel Henninger
    • Method Detail

      • getSecurityAuditProvider

        public static SecurityAuditProvider getSecurityAuditProvider()
        Returns the currently-installed SecurityAuditProvider. Warning: in virtually all cases the security audit provider should not be used directly. Instead, the appropriate methods in SecurityAuditManager should be called. Direct access to the security audit provider is only provided for special-case logic.
        Returns:
        the current SecurityAuditProvider.
      • getInstance

        public static SecurityAuditManager getInstance()
        Returns a singleton instance of SecurityAuditManager.
        Returns:
        a SecurityAuditManager instance.
      • logEvent

        public void logEvent​(String username,
                             String summary,
                             String details)
        Records a security event in the audit logs.
        Parameters:
        username - Username of user who performed the security event.
        summary - Short description of the event, similar to a subject.
        details - Detailed description of the event, can be null if not desired.
      • getEvents

        public List<SecurityAuditEvent> getEvents​(String username,
                                                  Integer skipEvents,
                                                  Integer numEvents,
                                                  Date startTime,
                                                  Date endTime)
                                           throws AuditWriteOnlyException
        Retrieves security events that have occurred, filtered by the parameters passed. The events will be in order of most recent to least recent. Any parameters that are left null are to be ignored. In other words, if username is null, then no specific username is being searched for.
        Parameters:
        username - Username of user to look up. Can be null for no username filtering.
        skipEvents - Number of events to skip past (typically for paging). Can be null for first page.
        numEvents - Number of events to retrieve. Can be null for "all" events.
        startTime - Oldest date of range of events to retrieve. Can be null for forever.
        endTime - Most recent date of range of events to retrieve. Can be null for "now".
        Returns:
        Array of security events.
        Throws:
        AuditWriteOnlyException - if provider can not be read from.