AuditActivityImpl xref

View Javadoc

1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    * 
9    *      http://www.apache.org/licenses/LICENSE-2.0
10   * 
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.jetspeed.audit.impl;
18  
19  import java.sql.Connection;
20  import java.sql.PreparedStatement;
21  import java.sql.SQLException;
22  import java.sql.Timestamp;
23  
24  import javax.sql.DataSource;
25  
26  import org.apache.commons.logging.Log;
27  import org.apache.commons.logging.LogFactory;
28  import org.apache.jetspeed.audit.AuditActivity;
29  import org.springframework.orm.ojb.support.PersistenceBrokerDaoSupport;
30  
31  /***
32   * <p>
33   * Gathers information about security auditing activity  
34   * </p>
35   * 
36   * @author <a href="mailto:taylor@apache.org">David Sean Taylor </a>
37   * @version $Id: $
38   */
39  public class AuditActivityImpl extends PersistenceBrokerDaoSupport implements AuditActivity
40  {
41      protected final static Log log = LogFactory.getLog(AuditActivityImpl.class);
42      
43      protected DataSource ds;
44      protected String anonymousUser = "guest";
45      protected boolean enabled = true;
46  
47      public AuditActivityImpl(DataSource dataSource)
48      {
49          this.ds = dataSource;        
50      }
51      
52      public void setEnabled(boolean enabled)
53      {
54          this.enabled = enabled;
55      }
56      
57      public boolean getEnabled()
58      {
59          return this.enabled;
60      }
61      
62      public DataSource getDataSource()
63      {
64          return ds;
65      }
66      
67      public void logAdminAttributeActivity(String adminName, String ipAddress, String targetUser, String activity, String name, String beforeValue, String afterValue, String description)
68      {
69          if (enabled)
70          {
71              logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_ATTRIBUTE_MAINTENANCE, name, beforeValue, afterValue);
72          }
73      }
74  
75      public void logAdminCredentialActivity(String adminName, String ipAddress, String targetUser, String activity, String description)
76      {
77          if (enabled)
78          {
79              logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_CREDENTIAL_MAINTENANCE, "", "", "");
80          }
81      }
82  
83      public void logAdminAuthorizationActivity(String adminName, String ipAddress, String targetUser, String activity, String value, String description)
84      {
85          if (enabled)
86          {
87              logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_AUTHORIZATION_MAINTENANCE, "", value, "");
88          }
89      }
90      
91      public void logAdminUserActivity(String adminName, String ipAddress, String targetUser, String activity, String description)
92      {
93          if (enabled)
94          {
95              logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_USER_MAINTENANCE, "", "", "");
96          }
97      }
98      
99      protected void logAdminActivity(String adminName, String ipAddress, String targetUser, String activity, String description, String category, String name, String beforeValue, String afterValue)
100     {
101         Connection con = null;
102         PreparedStatement stm = null;        
103         try
104         {
105             Timestamp timestamp = new Timestamp(System.currentTimeMillis());
106             con = ds.getConnection();
107             stm  = con.prepareStatement("INSERT INTO ADMIN_ACTIVITY (ACTIVITY, CATEGORY, ADMIN, USER_NAME, TIME_STAMP, IPADDRESS, ATTR_NAME, ATTR_VALUE_BEFORE, ATTR_VALUE_AFTER, DESCRIPTION) VALUES(?,?,?,?,?,?,?,?,?,?)");
108             stm.setString(1, activity);
109             stm.setString(2, category);
110             stm.setString(3, adminName);
111             stm.setString(4, targetUser);
112             stm.setTimestamp(5, timestamp);
113             stm.setString(6, ipAddress);
114             stm.setString(7, name);
115             stm.setString(8, beforeValue);
116             stm.setString(9, afterValue);
117             stm.setString(10, description);            
118             stm.execute();            
119         } 
120         catch (SQLException e)
121         {
122             log.error(e);
123         } 
124         finally
125         {
126             try
127             {
128                 if (stm != null) stm.close();
129             } 
130             catch (SQLException se) 
131             {}
132             releaseConnection(con);
133         }
134     }
135     
136     public void logUserActivity(String userName, String ipAddress, String activity, String description)
137     {
138         logUserActivities(userName, ipAddress, activity, "", "", "", description, AuditActivity.CAT_USER_AUTHENTICATION);
139     }
140  
141     public void logUserAttributeActivity(String userName, String ipAddress, String activity, String name, String beforeValue, String afterValue, String description)
142     {
143         logUserActivities(userName, ipAddress, activity, name, beforeValue, afterValue, description, AuditActivity.CAT_USER_ATTRIBUTE);               
144     }
145     
146     protected void logUserActivities(String userName, String ipAddress, String activity, String name, String beforeValue, String afterValue, String description, String category)
147     {
148         if (enabled)
149         {
150             Connection con = null;
151             PreparedStatement stm = null;        
152             try
153             {
154                 Timestamp timestamp = new Timestamp(System.currentTimeMillis());
155                 con = ds.getConnection();
156                 stm  = con.prepareStatement("INSERT INTO USER_ACTIVITY (ACTIVITY, CATEGORY, USER_NAME, TIME_STAMP, IPADDRESS, ATTR_NAME, ATTR_VALUE_BEFORE, ATTR_VALUE_AFTER, DESCRIPTION) VALUES(?,?,?,?,?,?,?,?,?)");
157                 stm.setString(1, activity);
158                 stm.setString(2, category);
159                 stm.setString(3, userName);
160                 stm.setTimestamp(4, timestamp);
161                 stm.setString(5, ipAddress);
162                 stm.setString(6, name);
163                 stm.setString(7, beforeValue);
164                 stm.setString(8, afterValue);                
165                 stm.setString(9, description);
166                 stm.executeUpdate();
167             } 
168             catch (SQLException e)
169             {
170                 // todo log to standard Jetspeed logger
171                 e.printStackTrace();
172             } 
173             finally
174             {
175                 try
176                 {
177                     if (stm != null) stm.close();
178                 } 
179                 catch (SQLException se) 
180                 {}
181                 releaseConnection(con);
182             }
183         }
184     }    
185     
186     void releaseConnection(Connection con)
187     {
188         try
189         {
190             if (con != null) con.close();
191         } catch (SQLException e)
192         {
193         }
194     }
195 }