Package org.jivesoftware.openfire.security

Class SecurityAuditManager

java.lang.Object

org.jivesoftware.openfire.security.SecurityAuditManager

public class SecurityAuditManager
extends Object

The SecurityAuditManager manages the SecurityAuditProvider configured for this server, and provides a proper conduit for making security log entries and looking them up. Ideally there is no reason for outside classes to interact directly with a provider. The provider can be specified in system properties by adding:

• provider.securityAudit.className = my.security.audit.provider

Author:

Daniel Henninger

Field Summary

Fields

Modifier and Type	Field	Description
static final SystemProperty<Class>	AUDIT_PROVIDER

Method Summary

Modifier and Type	Method	Description
SecurityAuditEvent	getEvent(Integer msgID)	Retrieves a specific event by ID in the form of a SecurityAuditEvent.
List<SecurityAuditEvent>	getEvents(String username, Integer skipEvents, Integer numEvents, Date startTime, Date endTime)	Retrieves security events that have occurred, filtered by the parameters passed.
static SecurityAuditManager	getInstance()	Returns a singleton instance of SecurityAuditManager.
static SecurityAuditProvider	getSecurityAuditProvider()	Returns the currently-installed SecurityAuditProvider.
void	logEvent(String username, String summary, String details)	Records a security event in the audit logs.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

AUDIT_PROVIDER

public static final SystemProperty<Class> AUDIT_PROVIDER

Method Details

getSecurityAuditProvider

public static SecurityAuditProvider getSecurityAuditProvider()

Returns the currently-installed SecurityAuditProvider. Warning: in virtually all cases the security audit provider should not be used directly. Instead, the appropriate methods in SecurityAuditManager should be called. Direct access to the security audit provider is only provided for special-case logic.

Returns:

the current SecurityAuditProvider.

getInstance

public static SecurityAuditManager getInstance()

Returns a singleton instance of SecurityAuditManager.

Returns:

a SecurityAuditManager instance.

logEvent

public void logEvent(String username,
 String summary,
 String details)

Records a security event in the audit logs.

Parameters:

username - Username of user who performed the security event.

summary - Short description of the event, similar to a subject.

details - Detailed description of the event, can be null if not desired.

getEvents

public List<SecurityAuditEvent> getEvents(String username,
 Integer skipEvents,
 Integer numEvents,
 Date startTime,
 Date endTime)
                                   throws AuditWriteOnlyException

Retrieves security events that have occurred, filtered by the parameters passed. The events will be in order of most recent to least recent. Any parameters that are left null are to be ignored. In other words, if username is null, then no specific username is being searched for.

Parameters:

username - Username of user to look up. Can be null for no username filtering.

skipEvents - Number of events to skip past (typically for paging). Can be null for first page.

numEvents - Number of events to retrieve. Can be null for "all" events.

startTime - Oldest date of range of events to retrieve. Can be null for forever.

endTime - Most recent date of range of events to retrieve. Can be null for "now".

Returns:

Array of security events.

Throws:

AuditWriteOnlyException - if provider can not be read from.

getEvent

public SecurityAuditEvent getEvent(Integer msgID)
                            throws EventNotFoundException,
AuditWriteOnlyException

Retrieves a specific event by ID in the form of a SecurityAuditEvent.

Parameters:

msgID - ID number of event to retrieve.

Returns:

SecurityAuditEvent object with information from retrieved event.

Throws:

EventNotFoundException - if event was not found.

AuditWriteOnlyException - if provider can not be read from.