You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by gt...@apache.org on 2017/07/10 13:11:04 UTC
activemq git commit: [AMQ-6764] add logging of exit of jmx ops such
that overlaps and delays are visible in the audit. fix and test
Repository: activemq
Updated Branches:
refs/heads/master 499347542 -> d7f70837b
[AMQ-6764] add logging of exit of jmx ops such that overlaps and delays are visible in the audit. fix and test
Project: http://git-wip-us.apache.org/repos/asf/activemq/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq/commit/d7f70837
Tree: http://git-wip-us.apache.org/repos/asf/activemq/tree/d7f70837
Diff: http://git-wip-us.apache.org/repos/asf/activemq/diff/d7f70837
Branch: refs/heads/master
Commit: d7f70837b7e80d41e45362c1327f4d9af25335e1
Parents: 4993475
Author: gtully <ga...@gmail.com>
Authored: Mon Jul 10 14:10:05 2017 +0100
Committer: gtully <ga...@gmail.com>
Committed: Mon Jul 10 14:10:05 2017 +0100
----------------------------------------------------------------------
.../activemq/broker/jmx/AnnotatedMBean.java | 39 +++++++++++++++++---
.../activemq/broker/util/JMXAuditLogEntry.java | 9 ++++-
.../apache/activemq/jmx/JmxAuditLogTest.java | 16 +++++++-
3 files changed, 56 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/activemq/blob/d7f70837/activemq-broker/src/main/java/org/apache/activemq/broker/jmx/AnnotatedMBean.java
----------------------------------------------------------------------
diff --git a/activemq-broker/src/main/java/org/apache/activemq/broker/jmx/AnnotatedMBean.java b/activemq-broker/src/main/java/org/apache/activemq/broker/jmx/AnnotatedMBean.java
index aa8e8ab..c75d8a8 100644
--- a/activemq-broker/src/main/java/org/apache/activemq/broker/jmx/AnnotatedMBean.java
+++ b/activemq-broker/src/main/java/org/apache/activemq/broker/jmx/AnnotatedMBean.java
@@ -21,6 +21,7 @@ import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.Principal;
import java.util.HashMap;
+import java.util.Locale;
import java.util.Map;
import javax.management.MBeanAttributeInfo;
@@ -48,7 +49,12 @@ public class AnnotatedMBean extends StandardMBean {
private static final Logger LOG = LoggerFactory.getLogger("org.apache.activemq.audit");
- private static boolean audit;
+ private static final byte OFF = 0b00;
+ private static final byte ENTRY = 0b01;
+ private static final byte EXIT = 0b10;
+ private static final byte ALL = 0b11;
+
+ private static byte audit = OFF;
private static AuditLogService auditLog;
static {
@@ -56,12 +62,25 @@ public class AnnotatedMBean extends StandardMBean {
for (Class<?> c : p) {
primitives.put(c.getName(), c);
}
- audit = "true".equalsIgnoreCase(System.getProperty("org.apache.activemq.audit"));
- if (audit) {
+ audit = byteFromProperty("org.apache.activemq.audit");
+ if (audit != OFF) {
auditLog = AuditLogService.getAuditLog();
}
}
+ private static byte byteFromProperty(String s) {
+ byte val = OFF;
+ String config = System.getProperty(s, "").toLowerCase(Locale.ENGLISH);
+ if ("true".equals(config) || "entry".equals(config)) {
+ val = ENTRY;
+ } else if ("exit".equals(config)) {
+ val = EXIT;
+ } else if ("all".equals(config)) {
+ val = ALL;
+ }
+ return val;
+ }
+
@SuppressWarnings({ "unchecked", "rawtypes" })
public static void registerMBean(ManagementContext context, Object object, ObjectName objectName) throws Exception {
@@ -179,7 +198,8 @@ public class AnnotatedMBean extends StandardMBean {
@Override
public Object invoke(String s, Object[] objects, String[] strings) throws MBeanException, ReflectionException {
- if (audit) {
+ JMXAuditLogEntry entry = null;
+ if (audit != OFF) {
Subject subject = Subject.getSubject(AccessController.getContext());
String caller = "anonymous";
if (subject != null) {
@@ -189,7 +209,7 @@ public class AnnotatedMBean extends StandardMBean {
}
}
- AuditLogEntry entry = new JMXAuditLogEntry();
+ entry = new JMXAuditLogEntry();
entry.setUser(caller);
entry.setTimestamp(System.currentTimeMillis());
entry.setOperation(this.getMBeanInfo().getClassName() + "." + s);
@@ -213,9 +233,16 @@ public class AnnotatedMBean extends StandardMBean {
entry.getParameters().put("arguments", objects);
}
+ if ((audit&ENTRY) == ENTRY) {
+ auditLog.log(entry);
+ }
+ }
+ Object result = super.invoke(s, objects, strings);
+ if ((audit&EXIT) == EXIT) {
+ entry.complete();
auditLog.log(entry);
}
- return super.invoke(s, objects, strings);
+ return result;
}
private Method getMBeanMethod(Class clazz, String methodName, String[] signature) throws ReflectiveOperationException {
http://git-wip-us.apache.org/repos/asf/activemq/blob/d7f70837/activemq-broker/src/main/java/org/apache/activemq/broker/util/JMXAuditLogEntry.java
----------------------------------------------------------------------
diff --git a/activemq-broker/src/main/java/org/apache/activemq/broker/util/JMXAuditLogEntry.java b/activemq-broker/src/main/java/org/apache/activemq/broker/util/JMXAuditLogEntry.java
index 4251756..7e0e0e3 100644
--- a/activemq-broker/src/main/java/org/apache/activemq/broker/util/JMXAuditLogEntry.java
+++ b/activemq-broker/src/main/java/org/apache/activemq/broker/util/JMXAuditLogEntry.java
@@ -19,9 +19,16 @@ package org.apache.activemq.broker.util;
import java.util.Arrays;
public class JMXAuditLogEntry extends AuditLogEntry {
+ public static final String[] VERBS = new String[] {" called ", " ended "};
+ private int state = 0;
+
+ public void complete() {
+ setTimestamp(System.currentTimeMillis());
+ state = 1;
+ }
@Override
public String toString() {
- return user.trim() + " called " + operation + Arrays.toString((Object[])parameters.get("arguments")) + " at " + getFormattedTime();
+ return user.trim() + VERBS[state] + operation + Arrays.toString((Object[])parameters.get("arguments")) + " at " + getFormattedTime();
}
}
http://git-wip-us.apache.org/repos/asf/activemq/blob/d7f70837/activemq-unit-tests/src/test/java/org/apache/activemq/jmx/JmxAuditLogTest.java
----------------------------------------------------------------------
diff --git a/activemq-unit-tests/src/test/java/org/apache/activemq/jmx/JmxAuditLogTest.java b/activemq-unit-tests/src/test/java/org/apache/activemq/jmx/JmxAuditLogTest.java
index 0f2695c..e6f1083 100644
--- a/activemq-unit-tests/src/test/java/org/apache/activemq/jmx/JmxAuditLogTest.java
+++ b/activemq-unit-tests/src/test/java/org/apache/activemq/jmx/JmxAuditLogTest.java
@@ -25,6 +25,8 @@ import javax.management.remote.JMXServiceURL;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.concurrent.atomic.AtomicInteger;
import org.apache.activemq.TestSupport;
import org.apache.activemq.broker.BrokerService;
@@ -38,6 +40,7 @@ import org.apache.log4j.Logger;
import org.apache.log4j.spi.LoggingEvent;
import org.junit.Test;
+import static org.apache.activemq.broker.util.JMXAuditLogEntry.VERBS;
import static org.apache.activemq.util.TestUtils.findOpenPort;
public class JmxAuditLogTest extends TestSupport
@@ -55,7 +58,7 @@ public class JmxAuditLogTest extends TestSupport
setMaxTestTime(TimeUnit.MINUTES.toMillis(10));
setAutoFail(true);
- System.setProperty("org.apache.activemq.audit", "true");
+ System.setProperty("org.apache.activemq.audit", "all");
broker = new BrokerService();
broker.setUseJmx(true);
@@ -113,6 +116,8 @@ public class JmxAuditLogTest extends TestSupport
{
Logger log4jLogger = Logger.getLogger("org.apache.activemq.audit");
log4jLogger.setLevel(Level.INFO);
+ final AtomicInteger logCount = new AtomicInteger(0);
+ final AtomicBoolean gotEnded = new AtomicBoolean(false);
Appender appender = new DefaultTestAppender()
{
@@ -122,11 +127,16 @@ public class JmxAuditLogTest extends TestSupport
if (event.getMessage() instanceof String)
{
String message = (String) event.getMessage();
+ System.out.println(message);
if (message.contains("testPassword"))
{
fail("Password should not appear in log file");
}
+ if (message.contains(VERBS[1])) {
+ gotEnded.set(true);
+ }
}
+ logCount.incrementAndGet();
}
};
log4jLogger.addAppender(appender);
@@ -139,5 +149,9 @@ public class JmxAuditLogTest extends TestSupport
conn.invoke(queueObjName, "sendTextMessage", params, signature);
log4jLogger.removeAppender(appender);
+
+ assertTrue("got ended statement", gotEnded.get());
+ assertEquals("got two messages", 2, logCount.get());
+
}
}