You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2007/07/11 23:17:51 UTC
svn commit: r555400 - in /portals/jetspeed-2/trunk:
applications/j2-admin/src/java/org/apache/jetspeed/portlets/security/users/
components/statistics/src/java/org/apache/jetspeed/audit/impl/
components/statistics/src/test/org/apache/jetspeed/audit/ etc...
Author: taylor
Date: Wed Jul 11 14:17:49 2007
New Revision: 555400
URL: http://svn.apache.org/viewvc?view=rev&rev=555400
Log:
https://issues.apache.org/jira/browse/JS2-724
Auditing Activity logging implemented, some last minute requests
Modified:
portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java
portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/ActivityBean.java
portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/AuditActivityImpl.java
portals/jetspeed-2/trunk/components/statistics/src/test/org/apache/jetspeed/audit/TestAuditActivity.java
portals/jetspeed-2/trunk/etc/schema/phase1-schema.xml
portals/jetspeed-2/trunk/etc/sql/derby/schema/phase1-schema.sql
portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/audit/AuditActivity.java
Modified: portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java (original)
+++ portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java Wed Jul 11 14:17:49 2007
@@ -665,7 +665,7 @@
Folder folder = pageManager.getFolder(subsite);
pageManager.removeFolder(folder);
}
- audit.logAdminUserActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE, USER_ADMINISTRATION);
+ audit.logAdminUserActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE, USER_ADMINISTRATION);
// remove selected user from USERS_TOPIC
PortletMessaging.cancel(actionRequest,SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
// TODO: send message to site manager portlet
@@ -710,7 +710,7 @@
if ( password != null && password.trim().length() > 0 )
{
userManager.setPassword(userName, null, password);
- audit.logAdminCredentialActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_RESET, USER_ADMINISTRATION);
+ audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_RESET, USER_ADMINISTRATION);
passwordSet = true;
}
PasswordCredential credential = getCredential(actionRequest, userName);
@@ -723,7 +723,7 @@
if (updateRequired != credential.isUpdateRequired())
{
userManager.setPasswordUpdateRequired(userName,updateRequired);
- audit.logAdminCredentialActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_UPDATE_REQUIRED, USER_ADMINISTRATION);
+ audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_UPDATE_REQUIRED, USER_ADMINISTRATION);
}
}
String enabledStr = actionRequest.getParameter("user_cred_enabled");
@@ -734,7 +734,7 @@
{
userManager.setPasswordEnabled(userName,enabled);
String activity = (enabled) ? AuditActivity.PASSWORD_ENABLED : AuditActivity.PASSWORD_DISABLED;
- audit.logAdminCredentialActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, activity, USER_ADMINISTRATION);
+ audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, activity, USER_ADMINISTRATION);
}
}
String expiredFlagStr = actionRequest.getParameter("user_expired_flag");
@@ -744,17 +744,17 @@
{
java.sql.Date today = new java.sql.Date(new Date().getTime());
userManager.setPasswordExpiration(userName,today);
- audit.logAdminCredentialActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_EXPIRE, USER_ADMINISTRATION);
+ audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_EXPIRE, USER_ADMINISTRATION);
}
else if (expiredFlagStr.equals("extend"))
{
userManager.setPasswordExpiration(userName,null);
- audit.logAdminCredentialActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_EXTEND, USER_ADMINISTRATION);
+ audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_EXTEND, USER_ADMINISTRATION);
}
else if (expiredFlagStr.equals("unlimited"))
{
userManager.setPasswordExpiration(userName,InternalCredential.MAX_DATE);
- audit.logAdminCredentialActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_UNLIMITED, USER_ADMINISTRATION);
+ audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_UNLIMITED, USER_ADMINISTRATION);
}
}
}
@@ -795,7 +795,7 @@
if (value != null)
{
user.getUserAttributes().put(attr.getName(), value);
- audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ATTRIBUTE, attr.getName(), value, USER_ADMINISTRATION);
+ audit.logAdminAttributeActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ATTRIBUTE, attr.getName(), value, value, USER_ADMINISTRATION);
}
}
}
@@ -819,8 +819,9 @@
{
String userAttrName = userAttrNames[i];
String value = actionRequest.getParameter(userAttrName + ":value");
+ String before = user.getUserAttributes().get(userAttrName, "");
user.getUserAttributes().put(userAttrName, value);
- audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.USER_UPDATE_ATTRIBUTE, userAttrName, value, USER_ADMINISTRATION);
+ audit.logAdminAttributeActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_UPDATE_ATTRIBUTE, userAttrName, before, value, USER_ADMINISTRATION);
}
}
}
@@ -839,7 +840,7 @@
{
Preferences attributes = user.getUserAttributes();
attributes.put(userAttrName, userAttrValue);
- audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ATTRIBUTE, userAttrName, userAttrValue, USER_ADMINISTRATION);
+ audit.logAdminAttributeActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ATTRIBUTE, userAttrName, "", userAttrValue, USER_ADMINISTRATION);
}
}
}
@@ -861,8 +862,9 @@
{
try
{
+ String before = attributes.get(userAttrNames[ix], "");
attributes.remove(userAttrNames[ix]);
- audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_ATTRIBUTE, userAttrNames[ix], "", USER_ADMINISTRATION);
+ audit.logAdminAttributeActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_ATTRIBUTE, userAttrNames[ix], before, "", USER_ADMINISTRATION);
}
catch (Exception e)
{
@@ -891,7 +893,7 @@
if (roleManager.roleExists(roleNames[ix]))
{
roleManager.removeRoleFromUser(userName, roleNames[ix]);
- audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_ROLE, roleNames[ix], "", USER_ADMINISTRATION);
+ audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_ROLE, roleNames[ix], USER_ADMINISTRATION);
}
}
catch (SecurityException e)
@@ -916,7 +918,7 @@
try
{
roleManager.addRoleToUser(userName, roleName);
- audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ROLE, roleName, "", USER_ADMINISTRATION);
+ audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ROLE, roleName, USER_ADMINISTRATION);
}
catch (SecurityException e)
{
@@ -944,7 +946,7 @@
if (groupManager.groupExists(groupNames[ix]))
{
groupManager.removeUserFromGroup(userName, groupNames[ix]);
- audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_GROUP, groupNames[ix], "", USER_ADMINISTRATION);
+ audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_GROUP, groupNames[ix], USER_ADMINISTRATION);
}
}
catch (SecurityException e)
@@ -969,7 +971,7 @@
try
{
groupManager.addUserToGroup(userName, groupName);
- audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_GROUP, groupName, "", USER_ADMINISTRATION);
+ audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_GROUP, groupName, USER_ADMINISTRATION);
}
catch (SecurityException e)
{
@@ -1079,7 +1081,7 @@
profiler.setRuleForPrincipal(userPrincipal,
profiler.getRule(ruleName),
locatorName);
- audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_PROFILE, ruleName, locatorName, USER_ADMINISTRATION);
+ audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_PROFILE, ruleName + "-" + locatorName, USER_ADMINISTRATION);
}
catch (Exception e)
{
@@ -1114,7 +1116,7 @@
if (rule.getLocatorName().equals(locatorNames[ix]))
{
profiler.deletePrincipalRule(rule);
- audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_PROFILE, rule.getProfilingRule().getId(), rule.getLocatorName(), USER_ADMINISTRATION);
+ audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_PROFILE, rule.getProfilingRule().getId() + "-" + rule.getLocatorName(), USER_ADMINISTRATION);
}
}
}
@@ -1140,7 +1142,7 @@
throw new SecurityException(SecurityException.PASSWORD_REQUIRED);
}
userManager.addUser(userName, password);
- audit.logAdminUserActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest), userName, AuditActivity.USER_CREATE, USER_ADMINISTRATION);
+ audit.logAdminUserActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_CREATE, USER_ADMINISTRATION);
PortletMessaging.publish(actionRequest, SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_REFRESH, "true");
PortletMessaging.publish(actionRequest, SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED, userName);
Modified: portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/ActivityBean.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/ActivityBean.java?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/ActivityBean.java (original)
+++ portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/ActivityBean.java Wed Jul 11 14:17:49 2007
@@ -27,7 +27,8 @@
private Timestamp timestamp;
private String ipAddress;
private String name;
- private String value;
+ private String beforeValue;
+ private String afterValue;
private String description;
public String getActivity()
@@ -109,14 +110,29 @@
{
this.userName = userName;
}
+
- public String getValue()
+ public String getAfterValue()
{
- return value;
+ return afterValue;
}
+
- public void setValue(String value)
+ public void setAfterValue(String afterValue)
{
- this.value = value;
- }
+ this.afterValue = afterValue;
+ }
+
+
+ public String getBeforeValue()
+ {
+ return beforeValue;
+ }
+
+
+ public void setBeforeValue(String beforeValue)
+ {
+ this.beforeValue = beforeValue;
+ }
+
}
Modified: portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/AuditActivityImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/AuditActivityImpl.java?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/AuditActivityImpl.java (original)
+++ portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/AuditActivityImpl.java Wed Jul 11 14:17:49 2007
@@ -64,11 +64,11 @@
return ds;
}
- public void logAdminAttributeActivity(String adminName, String ipAddress, String targetUser, String activity, String name, String value, String description)
+ public void logAdminAttributeActivity(String adminName, String ipAddress, String targetUser, String activity, String name, String beforeValue, String afterValue, String description)
{
if (enabled)
{
- logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_ATTRIBUTE_MAINTENANCE, name, value);
+ logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_ATTRIBUTE_MAINTENANCE, name, beforeValue, afterValue);
}
}
@@ -76,19 +76,27 @@
{
if (enabled)
{
- logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_CREDENTIAL_MAINTENANCE, "", "");
+ logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_CREDENTIAL_MAINTENANCE, "", "", "");
}
}
+ public void logAdminAuthorizationActivity(String adminName, String ipAddress, String targetUser, String activity, String value, String description)
+ {
+ if (enabled)
+ {
+ logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_AUTHORIZATION_MAINTENANCE, "", value, "");
+ }
+ }
+
public void logAdminUserActivity(String adminName, String ipAddress, String targetUser, String activity, String description)
{
if (enabled)
{
- logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_USER_MAINTENANCE, "", "");
+ logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_USER_MAINTENANCE, "", "", "");
}
}
- protected void logAdminActivity(String adminName, String ipAddress, String targetUser, String activity, String description, String category, String name, String value)
+ protected void logAdminActivity(String adminName, String ipAddress, String targetUser, String activity, String description, String category, String name, String beforeValue, String afterValue)
{
Connection con = null;
PreparedStatement stm = null;
@@ -96,7 +104,7 @@
{
Timestamp timestamp = new Timestamp(System.currentTimeMillis());
con = ds.getConnection();
- stm = con.prepareStatement("INSERT INTO ADMIN_ACTIVITY (ACTIVITY, CATEGORY, ADMIN, USER_NAME, TIME_STAMP, IPADDRESS, ATTR_NAME, ATTR_VALUE, DESCRIPTION) VALUES(?,?,?,?,?,?,?,?,?)");
+ stm = con.prepareStatement("INSERT INTO ADMIN_ACTIVITY (ACTIVITY, CATEGORY, ADMIN, USER_NAME, TIME_STAMP, IPADDRESS, ATTR_NAME, ATTR_VALUE_BEFORE, ATTR_VALUE_AFTER, DESCRIPTION) VALUES(?,?,?,?,?,?,?,?,?,?)");
stm.setString(1, activity);
stm.setString(2, category);
stm.setString(3, adminName);
@@ -104,8 +112,9 @@
stm.setTimestamp(5, timestamp);
stm.setString(6, ipAddress);
stm.setString(7, name);
- stm.setString(8, value);
- stm.setString(9, description);
+ stm.setString(8, beforeValue);
+ stm.setString(9, afterValue);
+ stm.setString(10, description);
stm.execute();
}
catch (SQLException e)
@@ -123,9 +132,19 @@
releaseConnection(con);
}
}
-
+
public void logUserActivity(String userName, String ipAddress, String activity, String description)
{
+ logUserActivities(userName, ipAddress, activity, "", "", "", description, AuditActivity.CAT_USER_AUTHENTICATION);
+ }
+
+ public void logUserAttributeActivity(String userName, String ipAddress, String activity, String name, String beforeValue, String afterValue, String description)
+ {
+ logUserActivities(userName, ipAddress, activity, name, beforeValue, afterValue, description, AuditActivity.CAT_USER_ATTRIBUTE);
+ }
+
+ protected void logUserActivities(String userName, String ipAddress, String activity, String name, String beforeValue, String afterValue, String description, String category)
+ {
if (enabled)
{
Connection con = null;
@@ -134,13 +153,16 @@
{
Timestamp timestamp = new Timestamp(System.currentTimeMillis());
con = ds.getConnection();
- stm = con.prepareStatement("INSERT INTO USER_ACTIVITY (ACTIVITY, CATEGORY, USER_NAME, TIME_STAMP, IPADDRESS, DESCRIPTION) VALUES(?,?,?,?,?,?)");
+ stm = con.prepareStatement("INSERT INTO USER_ACTIVITY (ACTIVITY, CATEGORY, USER_NAME, TIME_STAMP, IPADDRESS, ATTR_NAME, ATTR_VALUE_BEFORE, ATTR_VALUE_AFTER, DESCRIPTION) VALUES(?,?,?,?,?,?,?,?,?)");
stm.setString(1, activity);
- stm.setString(2, AuditActivity.CAT_USER_AUTHENTICATION);
+ stm.setString(2, category);
stm.setString(3, userName);
stm.setTimestamp(4, timestamp);
stm.setString(5, ipAddress);
- stm.setString(6, description);
+ stm.setString(6, name);
+ stm.setString(7, beforeValue);
+ stm.setString(8, afterValue);
+ stm.setString(9, description);
stm.executeUpdate();
}
catch (SQLException e)
Modified: portals/jetspeed-2/trunk/components/statistics/src/test/org/apache/jetspeed/audit/TestAuditActivity.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/statistics/src/test/org/apache/jetspeed/audit/TestAuditActivity.java?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/components/statistics/src/test/org/apache/jetspeed/audit/TestAuditActivity.java (original)
+++ portals/jetspeed-2/trunk/components/statistics/src/test/org/apache/jetspeed/audit/TestAuditActivity.java Wed Jul 11 14:17:49 2007
@@ -159,11 +159,25 @@
assertNotNull(userBean.getTimestamp());
assertEquals(userBean.getIpAddress(), IP1);
assertEquals(userBean.getDescription(), MSG_AUTHENTICATION_FAILURE);
+
+ // Test logging User Attribute activity
+ audit.logUserAttributeActivity(USER, IP1, AuditActivity.USER_ADD_ATTRIBUTE, ATTRIBUTE_NAME_1, ATTRIBUTE_VALUE_BEFORE_1, ATTRIBUTE_VALUE_AFTER_1, MSG_ATTRIBUTE);
+
+ userBean = lookupUserActivity(USER_QUERY, AuditActivity.USER_ADD_ATTRIBUTE);
+ assertEquals(userBean.getActivity(), AuditActivity.USER_ADD_ATTRIBUTE);
+ assertEquals(userBean.getCategory(), AuditActivity.CAT_USER_ATTRIBUTE);
+ assertEquals(userBean.getUserName(), USER);
+ assertNotNull(userBean.getTimestamp());
+ assertEquals(userBean.getIpAddress(), IP1);
+ assertEquals(userBean.getDescription(), MSG_ATTRIBUTE);
+ assertEquals(userBean.getBeforeValue(), ATTRIBUTE_VALUE_BEFORE_1);
+ assertEquals(userBean.getAfterValue(), ATTRIBUTE_VALUE_AFTER_1);
+
// Log Admin Activity
audit.logAdminUserActivity(ADMIN_USER, IP1, USER, AuditActivity.USER_CREATE, MSG_ADDING_USER);
audit.logAdminCredentialActivity(ADMIN_USER, IP1, USER, AuditActivity.PASSWORD_CHANGE_SUCCESS, MSG_CHANGING_PW);
- audit.logAdminAttributeActivity(ADMIN_USER, IP1, USER, AuditActivity.USER_ADD_ATTRIBUTE, ATTRIBUTE_NAME_1, ATTRIBUTE_VALUE_1, MSG_ATTRIBUTE);
+ audit.logAdminAttributeActivity(ADMIN_USER, IP1, USER, AuditActivity.USER_ADD_ATTRIBUTE, ATTRIBUTE_NAME_1, ATTRIBUTE_VALUE_BEFORE_1, ATTRIBUTE_VALUE_AFTER_1, MSG_ATTRIBUTE);
int adminCount = this.countAdminActivity();
assertEquals(adminCount, 3);
@@ -177,7 +191,8 @@
assertEquals(adminBean.getIpAddress(), IP1);
assertEquals(adminBean.getDescription(), MSG_ADDING_USER);
assertTrue(adminBean.getName() == null || adminBean.getName().equals(""));
- assertTrue(adminBean.getValue() == null || adminBean.getValue().equals(""));
+ assertTrue(adminBean.getBeforeValue() == null || adminBean.getBeforeValue().equals(""));
+ assertTrue(adminBean.getAfterValue() == null || adminBean.getAfterValue().equals(""));
adminBean = lookupAdminActivity(ADMIN_QUERY, AuditActivity.PASSWORD_CHANGE_SUCCESS);
assertEquals(adminBean.getActivity(), AuditActivity.PASSWORD_CHANGE_SUCCESS);
@@ -188,7 +203,8 @@
assertEquals(adminBean.getIpAddress(), IP1);
assertEquals(adminBean.getDescription(), MSG_CHANGING_PW);
assertTrue(adminBean.getName() == null || adminBean.getName().equals(""));
- assertTrue(adminBean.getValue() == null || adminBean.getValue().equals(""));
+ assertTrue(adminBean.getBeforeValue() == null || adminBean.getBeforeValue().equals(""));
+ assertTrue(adminBean.getAfterValue() == null || adminBean.getAfterValue().equals(""));
adminBean = lookupAdminActivity(ADMIN_QUERY, AuditActivity.USER_ADD_ATTRIBUTE);
assertEquals(adminBean.getActivity(), AuditActivity.USER_ADD_ATTRIBUTE);
@@ -199,11 +215,12 @@
assertEquals(adminBean.getIpAddress(), IP1);
assertEquals(adminBean.getDescription(), MSG_ATTRIBUTE);
assertEquals(adminBean.getName(), ATTRIBUTE_NAME_1);
- assertEquals(adminBean.getValue(), ATTRIBUTE_VALUE_1);
+ assertEquals(adminBean.getBeforeValue(), ATTRIBUTE_VALUE_BEFORE_1);
+ assertEquals(adminBean.getAfterValue(), ATTRIBUTE_VALUE_AFTER_1);
audit.setEnabled(false);
assertFalse(audit.getEnabled());
- audit.logAdminAttributeActivity(ADMIN_USER, IP1, USER, AuditActivity.USER_ADD_ATTRIBUTE, ATTRIBUTE_NAME_1, ATTRIBUTE_VALUE_1, MSG_ATTRIBUTE);
+ audit.logAdminAttributeActivity(ADMIN_USER, IP1, USER, AuditActivity.USER_ADD_ATTRIBUTE, ATTRIBUTE_NAME_1, ATTRIBUTE_VALUE_BEFORE_1, ATTRIBUTE_VALUE_AFTER_1, MSG_ATTRIBUTE);
adminCount = this.countAdminActivity();
assertEquals(adminCount, 3);
}
@@ -221,7 +238,8 @@
private static String USER = "nelson";
private static String IP1 = "123.234.145.156";
private static String ATTRIBUTE_NAME_1 = "attribute1";
- private static String ATTRIBUTE_VALUE_1 = "value1";
+ private static String ATTRIBUTE_VALUE_BEFORE_1 = "value1BEFORE";
+ private static String ATTRIBUTE_VALUE_AFTER_1 = "value1AFTER";
private ActivityBean lookupUserActivity(String query, String keyActivity) throws SQLException
@@ -242,7 +260,10 @@
bean.setUserName(rs.getString(3));
bean.setTimestamp(rs.getTimestamp(4));
bean.setIpAddress(rs.getString(5));
- bean.setDescription(rs.getString(6));
+ bean.setName(rs.getString(6));
+ bean.setBeforeValue(rs.getString(7));
+ bean.setAfterValue(rs.getString(8));
+ bean.setDescription(rs.getString(9));
return bean;
}
catch (SQLException e)
@@ -291,8 +312,9 @@
bean.setTimestamp(rs.getTimestamp(5));
bean.setIpAddress(rs.getString(6));
bean.setName(rs.getString(7));
- bean.setValue(rs.getString(8));
- bean.setDescription(rs.getString(9));
+ bean.setBeforeValue(rs.getString(8));
+ bean.setAfterValue(rs.getString(9));
+ bean.setDescription(rs.getString(10));
return bean;
}
catch (SQLException e)
Modified: portals/jetspeed-2/trunk/etc/schema/phase1-schema.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/etc/schema/phase1-schema.xml?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/etc/schema/phase1-schema.xml (original)
+++ portals/jetspeed-2/trunk/etc/schema/phase1-schema.xml Wed Jul 11 14:17:49 2007
@@ -130,7 +130,8 @@
<column name='TIME_STAMP' type='TIMESTAMP'/>
<column name='IPADDRESS' type='VARCHAR' size="80"/>
<column name='ATTR_NAME' type='VARCHAR' size='40'/>
- <column name='ATTR_VALUE' type='VARCHAR' size='80'/>
+ <column name='ATTR_VALUE_BEFORE' type='VARCHAR' size='80'/>
+ <column name='ATTR_VALUE_AFTER' type='VARCHAR' size='80'/>
<column name='DESCRIPTION' type='VARCHAR' size="128"/>
</table>
@@ -140,6 +141,9 @@
<column name='USER_NAME' type='VARCHAR' size="80"/>
<column name='TIME_STAMP' type='TIMESTAMP'/>
<column name='IPADDRESS' type='VARCHAR' size="80"/>
+ <column name='ATTR_NAME' type='VARCHAR' size='40'/>
+ <column name='ATTR_VALUE_BEFORE' type='VARCHAR' size='80'/>
+ <column name='ATTR_VALUE_AFTER' type='VARCHAR' size='80'/>
<column name='DESCRIPTION' type='VARCHAR' size="128"/>
</table>
Modified: portals/jetspeed-2/trunk/etc/sql/derby/schema/phase1-schema.sql
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/etc/sql/derby/schema/phase1-schema.sql?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/etc/sql/derby/schema/phase1-schema.sql (original)
+++ portals/jetspeed-2/trunk/etc/sql/derby/schema/phase1-schema.sql Wed Jul 11 14:17:49 2007
@@ -150,7 +150,8 @@
TIME_STAMP TIMESTAMP,
IPADDRESS VARCHAR(80),
ATTR_NAME VARCHAR(40),
- ATTR_VALUE VARCHAR(80),
+ ATTR_VALUE_BEFORE VARCHAR(80),
+ ATTR_VALUE_AFTER VARCHAR(80),
DESCRIPTION VARCHAR(128));
-----------------------------------------------------------------------------
@@ -164,4 +165,7 @@
USER_NAME VARCHAR(80),
TIME_STAMP TIMESTAMP,
IPADDRESS VARCHAR(80),
+ ATTR_NAME VARCHAR(40),
+ ATTR_VALUE_BEFORE VARCHAR(80),
+ ATTR_VALUE_AFTER VARCHAR(80),
DESCRIPTION VARCHAR(128));
Modified: portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/audit/AuditActivity.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/audit/AuditActivity.java?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/audit/AuditActivity.java (original)
+++ portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/audit/AuditActivity.java Wed Jul 11 14:17:49 2007
@@ -62,9 +62,11 @@
// General Categories
public static final String CAT_USER_AUTHENTICATION = "authentication";
+ public static final String CAT_USER_ATTRIBUTE = "user-attribute";
public static final String CAT_ADMIN_USER_MAINTENANCE = "user";
public static final String CAT_ADMIN_CREDENTIAL_MAINTENANCE = "credential";
public static final String CAT_ADMIN_ATTRIBUTE_MAINTENANCE = "attribute";
+ public static final String CAT_ADMIN_AUTHORIZATION_MAINTENANCE = "authorization";
/**
* Enable or disable the service at runtime
@@ -111,6 +113,8 @@
*/
public void logAdminCredentialActivity(String username, String ipaddress, String targetUser, String activity, String description);
+ public void logAdminAuthorizationActivity(String username, String ipaddress, String targetUser, String activity, String name, String description);
+
/**
* Log auditable activity by an administrator on attirbutes on behalf of a user
*
@@ -119,11 +123,25 @@
* @param targetUser
* @param activity
* @param name
- * @param value
+ * @param beforeValue
+ * @param afterValue
* @param description
*/
- public void logAdminAttributeActivity(String username, String ipaddress, String targetUser, String activity, String name, String value, String description);
-
+ public void logAdminAttributeActivity(String username, String ipaddress, String targetUser, String activity, String name, String beforeValue, String afterValue, String description);
+
+ /**
+ * Log auditable activity by an administrator on attirbutes on behalf of a user
+ *
+ * @param username
+ * @param ipaddress
+ * @param activity
+ * @param name
+ * @param beforeValue
+ * @param afterValue
+ * @param description
+ */
+ public void logUserAttributeActivity(String username, String ipaddress, String activity, String name, String beforeValue, String afterValue, String description);
+
/**
* @return DataSource in use by the logger useful for writing decent tests
*/
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org