You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2018/09/05 13:52:50 UTC
[2/3] syncope git commit: [SYNCOPE-1366] Picking the actual user at
the right time
[SYNCOPE-1366] Picking the actual user at the right time
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/d5ac3469
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/d5ac3469
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/d5ac3469
Branch: refs/heads/master
Commit: d5ac346976dfbfacb2d0e5aa4d6c604c11e90995
Parents: 1068667
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Wed Sep 5 15:28:33 2018 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Wed Sep 5 15:28:47 2018 +0200
----------------------------------------------------------------------
.../syncope/core/logic/LogicInvocationHandler.java | 4 +++-
.../core/provisioning/api/AuditManager.java | 9 ++++++---
.../provisioning/api/event/AfterHandlingEvent.java | 9 ++++++++-
.../core/provisioning/java/AuditManagerImpl.java | 11 +++++++----
.../java/job/AbstractSchedTaskJobDelegate.java | 2 ++
.../provisioning/java/job/AfterHandlingJob.java | 1 -
.../DefaultNotificationJobDelegate.java | 3 +++
.../AbstractPropagationTaskExecutor.java | 16 +++++++++++++---
.../java/pushpull/AbstractPullResultHandler.java | 5 ++++-
.../java/pushpull/AbstractPushResultHandler.java | 3 +++
.../pushpull/DefaultRealmPullResultHandler.java | 5 ++++-
.../pushpull/DefaultRealmPushResultHandler.java | 3 +++
.../core/spring/security/AuthDataAccessor.java | 3 ++-
.../UsernamePasswordAuthenticationProvider.java | 17 ++++++++++-------
14 files changed, 68 insertions(+), 23 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/logic/src/main/java/org/apache/syncope/core/logic/LogicInvocationHandler.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/LogicInvocationHandler.java b/core/logic/src/main/java/org/apache/syncope/core/logic/LogicInvocationHandler.java
index 38c5e92..f7c5fce 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/LogicInvocationHandler.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/LogicInvocationHandler.java
@@ -28,6 +28,7 @@ import org.apache.syncope.core.provisioning.api.AuditManager;
import org.apache.syncope.core.provisioning.api.notification.NotificationManager;
import org.apache.syncope.core.provisioning.api.event.AfterHandlingEvent;
import org.apache.syncope.core.provisioning.java.job.AfterHandlingJob;
+import org.apache.syncope.core.spring.security.AuthContextUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
@@ -67,7 +68,7 @@ public class LogicInvocationHandler {
boolean notificationsAvailable = notificationManager.notificationsAvailable(
AuditElements.EventCategoryType.LOGIC, category, null, event);
boolean auditRequested = auditManager.auditRequested(
- AuditElements.EventCategoryType.LOGIC, category, null, event);
+ AuthContextUtils.getUsername(), AuditElements.EventCategoryType.LOGIC, category, null, event);
AuditElements.Result condition = null;
Object output = null;
@@ -100,6 +101,7 @@ public class LogicInvocationHandler {
if (notificationsAvailable || auditRequested) {
Map<String, Object> jobMap = new HashMap<>();
jobMap.put(AfterHandlingEvent.JOBMAP_KEY, new AfterHandlingEvent(
+ AuthContextUtils.getUsername(),
AuditElements.EventCategoryType.LOGIC,
category,
null,
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/AuditManager.java
----------------------------------------------------------------------
diff --git a/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/AuditManager.java b/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/AuditManager.java
index f397351..a59d77d 100644
--- a/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/AuditManager.java
+++ b/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/AuditManager.java
@@ -26,6 +26,7 @@ public interface AuditManager {
/**
* Checks if audit is requested matching the provided conditions.
*
+ * @param who user triggering the event
* @param type event category type
* @param category event category
* @param subcategory event subcategory
@@ -33,6 +34,7 @@ public interface AuditManager {
* @return created notification tasks
*/
boolean auditRequested(
+ String who,
AuditElements.EventCategoryType type,
String category,
String subcategory,
@@ -40,14 +42,15 @@ public interface AuditManager {
/**
* Create audit entries according to the provided event.
- *
+ *
* @param event Spring event raised during Logic processing
*/
- void audit(final AfterHandlingEvent event);
+ void audit(AfterHandlingEvent event);
/**
* Create audit entries for each audit matching provided conditions.
*
+ * @param who user triggering the event
* @param type event category type
* @param category event category
* @param subcategory event subcategory
@@ -58,6 +61,7 @@ public interface AuditManager {
* @param input object(s) provided to the event
*/
void audit(
+ String who,
AuditElements.EventCategoryType type,
String category,
String subcategory,
@@ -66,5 +70,4 @@ public interface AuditManager {
Object before,
Object output,
Object... input);
-
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/event/AfterHandlingEvent.java
----------------------------------------------------------------------
diff --git a/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/event/AfterHandlingEvent.java b/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/event/AfterHandlingEvent.java
index 2e2e44e..4e14ee2 100644
--- a/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/event/AfterHandlingEvent.java
+++ b/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/event/AfterHandlingEvent.java
@@ -27,6 +27,8 @@ public class AfterHandlingEvent implements Serializable {
public static final String JOBMAP_KEY = "AfterHandlingEvent";
+ private final String who;
+
private final AuditElements.EventCategoryType type;
private final String category;
@@ -44,6 +46,7 @@ public class AfterHandlingEvent implements Serializable {
private final Object[] input;
public AfterHandlingEvent(
+ final String who,
final AuditElements.EventCategoryType type,
final String category,
final String subcategory,
@@ -53,6 +56,7 @@ public class AfterHandlingEvent implements Serializable {
final Object output,
final Object... input) {
+ this.who = who;
this.type = type;
this.category = category;
this.subcategory = subcategory;
@@ -63,6 +67,10 @@ public class AfterHandlingEvent implements Serializable {
this.input = input;
}
+ public String getWho() {
+ return who;
+ }
+
public AuditElements.EventCategoryType getType() {
return type;
}
@@ -94,5 +102,4 @@ public class AfterHandlingEvent implements Serializable {
public Object[] getInput() {
return input;
}
-
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/AuditManagerImpl.java
----------------------------------------------------------------------
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/AuditManagerImpl.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/AuditManagerImpl.java
index 6b32cbb..3a2877f 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/AuditManagerImpl.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/AuditManagerImpl.java
@@ -23,10 +23,10 @@ import org.apache.syncope.common.lib.types.AuditElements;
import org.apache.syncope.common.lib.types.AuditElements.Result;
import org.apache.syncope.common.lib.types.AuditLoggerName;
import org.apache.syncope.common.lib.types.LoggerLevel;
-import org.apache.syncope.core.spring.security.AuthContextUtils;
import org.apache.syncope.core.provisioning.api.serialization.POJOHelper;
import org.apache.syncope.core.persistence.api.dao.LoggerDAO;
import org.apache.syncope.core.provisioning.api.event.AfterHandlingEvent;
+import org.apache.syncope.core.spring.security.AuthContextUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -42,13 +42,14 @@ public class AuditManagerImpl implements AuditManager {
@Override
public boolean auditRequested(
+ final String who,
final AuditElements.EventCategoryType type,
final String category,
final String subcategory,
final String event) {
AuditEntry auditEntry = new AuditEntry(
- AuthContextUtils.getUsername(),
+ who,
new AuditLoggerName(type, category, subcategory, event, Result.SUCCESS),
null,
null,
@@ -62,7 +63,7 @@ public class AuditManagerImpl implements AuditManager {
}
auditEntry = new AuditEntry(
- AuthContextUtils.getUsername(),
+ who,
new AuditLoggerName(type, category, subcategory, event, Result.FAILURE),
null,
null,
@@ -76,6 +77,7 @@ public class AuditManagerImpl implements AuditManager {
@Override
public void audit(final AfterHandlingEvent event) {
audit(
+ event.getWho(),
event.getType(),
event.getCategory(),
event.getSubcategory(),
@@ -88,6 +90,7 @@ public class AuditManagerImpl implements AuditManager {
@Override
public void audit(
+ final String who,
final AuditElements.EventCategoryType type,
final String category,
final String subcategory,
@@ -103,7 +106,7 @@ public class AuditManagerImpl implements AuditManager {
}
AuditEntry auditEntry = new AuditEntry(
- AuthContextUtils.getUsername(),
+ who,
new AuditLoggerName(type, category, subcategory, event, condition),
before,
throwable == null ? output : throwable.getMessage(),
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/AbstractSchedTaskJobDelegate.java
----------------------------------------------------------------------
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/AbstractSchedTaskJobDelegate.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/AbstractSchedTaskJobDelegate.java
index 3f7e280..91b9b2a 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/AbstractSchedTaskJobDelegate.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/AbstractSchedTaskJobDelegate.java
@@ -30,6 +30,7 @@ import org.apache.syncope.core.persistence.api.entity.task.TaskExec;
import org.apache.syncope.core.provisioning.api.AuditManager;
import org.apache.syncope.core.provisioning.api.job.SchedTaskJobDelegate;
import org.apache.syncope.core.provisioning.api.notification.NotificationManager;
+import org.apache.syncope.core.spring.security.AuthContextUtils;
import org.quartz.JobExecutionContext;
import org.quartz.JobExecutionException;
import org.slf4j.Logger;
@@ -146,6 +147,7 @@ public abstract class AbstractSchedTaskJobDelegate implements SchedTaskJobDelega
execution);
auditManager.audit(
+ AuthContextUtils.getUsername(),
AuditElements.EventCategoryType.TASK,
task.getClass().getSimpleName(),
null,
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/AfterHandlingJob.java
----------------------------------------------------------------------
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/AfterHandlingJob.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/AfterHandlingJob.java
index c22bc85..4e53077 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/AfterHandlingJob.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/AfterHandlingJob.java
@@ -98,5 +98,4 @@ public class AfterHandlingJob extends AbstractInterruptableJob {
throw new JobExecutionException("While handling notification / audit events", e);
}
}
-
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/notification/DefaultNotificationJobDelegate.java
----------------------------------------------------------------------
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/notification/DefaultNotificationJobDelegate.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/notification/DefaultNotificationJobDelegate.java
index 8279bd2..f9a09c8 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/notification/DefaultNotificationJobDelegate.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/job/notification/DefaultNotificationJobDelegate.java
@@ -41,6 +41,7 @@ import org.apache.syncope.core.persistence.api.entity.task.TaskExec;
import org.apache.syncope.core.provisioning.api.AuditManager;
import org.apache.syncope.core.provisioning.api.notification.NotificationJobDelegate;
import org.apache.syncope.core.provisioning.api.notification.NotificationManager;
+import org.apache.syncope.core.spring.security.AuthContextUtils;
import org.apache.syncope.core.spring.security.Encryptor;
import org.quartz.JobExecutionException;
import org.slf4j.Logger;
@@ -287,6 +288,7 @@ public class DefaultNotificationJobDelegate implements InitializingBean, Notific
notificationManager.setTaskExecuted(execution.getTask().getKey(), false);
auditManager.audit(
+ AuthContextUtils.getUsername(),
AuditElements.EventCategoryType.TASK,
"notification",
null,
@@ -300,6 +302,7 @@ public class DefaultNotificationJobDelegate implements InitializingBean, Notific
LOG.error("Maximum number of retries reached for task {} - giving up", execution.getTask());
auditManager.audit(
+ AuthContextUtils.getUsername(),
AuditElements.EventCategoryType.TASK,
"notification",
null,
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/AbstractPropagationTaskExecutor.java
----------------------------------------------------------------------
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/AbstractPropagationTaskExecutor.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/AbstractPropagationTaskExecutor.java
index 184fc28..6a9e4c3 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/AbstractPropagationTaskExecutor.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/AbstractPropagationTaskExecutor.java
@@ -72,6 +72,7 @@ import org.apache.syncope.core.provisioning.api.propagation.PropagationException
import org.apache.syncope.core.provisioning.api.serialization.POJOHelper;
import org.apache.syncope.core.provisioning.java.utils.MappingUtils;
import org.apache.syncope.core.spring.ImplementationManager;
+import org.apache.syncope.core.spring.security.AuthContextUtils;
import org.identityconnectors.framework.common.exceptions.ConnectorException;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.AttributeBuilder;
@@ -519,8 +520,12 @@ public abstract class AbstractPropagationTaskExecutor implements PropagationTask
String operation = task.getOperation().name().toLowerCase();
boolean notificationsAvailable = notificationManager.notificationsAvailable(
AuditElements.EventCategoryType.PROPAGATION, anyTypeKind, resource, operation);
- boolean auditRequested = auditManager.auditRequested(AuditElements.EventCategoryType.PROPAGATION, anyTypeKind,
- resource, operation);
+ boolean auditRequested = auditManager.auditRequested(
+ AuthContextUtils.getUsername(),
+ AuditElements.EventCategoryType.PROPAGATION,
+ anyTypeKind,
+ resource,
+ operation);
if (notificationsAvailable || auditRequested) {
ExecTO execTO = taskDataBinder.getExecTO(execution);
@@ -531,7 +536,12 @@ public abstract class AbstractPropagationTaskExecutor implements PropagationTask
new Object[] { execTO, afterObj },
taskTO);
- auditManager.audit(AuditElements.EventCategoryType.PROPAGATION, anyTypeKind, resource, operation,
+ auditManager.audit(
+ AuthContextUtils.getUsername(),
+ AuditElements.EventCategoryType.PROPAGATION,
+ anyTypeKind,
+ resource,
+ operation,
result,
beforeObj,
new Object[] { execTO, afterObj },
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/AbstractPullResultHandler.java
----------------------------------------------------------------------
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/AbstractPullResultHandler.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/AbstractPullResultHandler.java
index f493785..2ea3da9 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/AbstractPullResultHandler.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/AbstractPullResultHandler.java
@@ -57,6 +57,7 @@ import org.apache.syncope.core.provisioning.api.pushpull.PullActions;
import org.apache.syncope.core.provisioning.api.pushpull.SyncopePullExecutor;
import org.apache.syncope.core.provisioning.api.pushpull.SyncopePullResultHandler;
import org.apache.syncope.core.provisioning.java.utils.ConnObjectUtils;
+import org.apache.syncope.core.spring.security.AuthContextUtils;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.SyncDelta;
import org.identityconnectors.framework.common.objects.SyncDeltaType;
@@ -908,7 +909,9 @@ public abstract class AbstractPullResultHandler extends AbstractSyncopeResultHan
delta,
furtherInput);
- auditManager.audit(AuditElements.EventCategoryType.PULL,
+ auditManager.audit(
+ AuthContextUtils.getUsername(),
+ AuditElements.EventCategoryType.PULL,
anyUtils.anyTypeKind().name().toLowerCase(),
profile.getTask().getResource().getKey(),
event,
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/AbstractPushResultHandler.java
----------------------------------------------------------------------
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/AbstractPushResultHandler.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/AbstractPushResultHandler.java
index 1053c02..6c48702 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/AbstractPushResultHandler.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/AbstractPushResultHandler.java
@@ -50,6 +50,7 @@ import org.apache.syncope.core.provisioning.api.propagation.PropagationReporter;
import org.apache.syncope.core.provisioning.api.pushpull.IgnoreProvisionException;
import org.apache.syncope.core.provisioning.api.pushpull.SyncopePushResultHandler;
import org.apache.syncope.core.provisioning.java.job.AfterHandlingJob;
+import org.apache.syncope.core.spring.security.AuthContextUtils;
import org.identityconnectors.framework.common.objects.ConnectorObject;
import org.quartz.JobExecutionException;
import org.springframework.beans.factory.annotation.Autowired;
@@ -290,6 +291,7 @@ public abstract class AbstractPushResultHandler extends AbstractSyncopeResultHan
profile.getTask().getResource().getKey(),
operation);
boolean auditRequested = auditManager.auditRequested(
+ AuthContextUtils.getUsername(),
AuditElements.EventCategoryType.PUSH,
any.getType().getKind().name().toLowerCase(),
profile.getTask().getResource().getKey(),
@@ -453,6 +455,7 @@ public abstract class AbstractPushResultHandler extends AbstractSyncopeResultHan
if (notificationsAvailable || auditRequested) {
Map<String, Object> jobMap = new HashMap<>();
jobMap.put(AfterHandlingEvent.JOBMAP_KEY, new AfterHandlingEvent(
+ AuthContextUtils.getUsername(),
AuditElements.EventCategoryType.PUSH,
any.getType().getKind().name().toLowerCase(),
profile.getTask().getResource().getKey(),
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/DefaultRealmPullResultHandler.java
----------------------------------------------------------------------
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/DefaultRealmPullResultHandler.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/DefaultRealmPullResultHandler.java
index be0caab..0c5bb6b 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/DefaultRealmPullResultHandler.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/DefaultRealmPullResultHandler.java
@@ -49,6 +49,7 @@ import org.apache.syncope.core.provisioning.api.pushpull.PullActions;
import org.apache.syncope.core.provisioning.api.pushpull.RealmPullResultHandler;
import org.apache.syncope.core.provisioning.api.pushpull.SyncopePullExecutor;
import org.apache.syncope.core.provisioning.java.utils.ConnObjectUtils;
+import org.apache.syncope.core.spring.security.AuthContextUtils;
import org.apache.syncope.core.spring.security.DelegatedAdministrationException;
import org.identityconnectors.framework.common.objects.SyncDelta;
import org.identityconnectors.framework.common.objects.SyncDeltaType;
@@ -783,7 +784,9 @@ public class DefaultRealmPullResultHandler
output,
delta);
- auditManager.audit(AuditElements.EventCategoryType.PULL,
+ auditManager.audit(
+ AuthContextUtils.getUsername(),
+ AuditElements.EventCategoryType.PULL,
REALM_TYPE.toLowerCase(),
profile.getTask().getResource().getKey(),
event,
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/DefaultRealmPushResultHandler.java
----------------------------------------------------------------------
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/DefaultRealmPushResultHandler.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/DefaultRealmPushResultHandler.java
index 4973407..711d49b 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/DefaultRealmPushResultHandler.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/DefaultRealmPushResultHandler.java
@@ -48,6 +48,7 @@ import org.apache.syncope.core.provisioning.api.pushpull.PushActions;
import org.apache.syncope.core.provisioning.api.pushpull.RealmPushResultHandler;
import org.apache.syncope.core.provisioning.java.job.AfterHandlingJob;
import org.apache.syncope.core.provisioning.java.utils.MappingUtils;
+import org.apache.syncope.core.spring.security.AuthContextUtils;
import org.identityconnectors.framework.common.objects.AttributeBuilder;
import org.identityconnectors.framework.common.objects.ConnectorObject;
import org.identityconnectors.framework.common.objects.ObjectClass;
@@ -231,6 +232,7 @@ public class DefaultRealmPushResultHandler
profile.getTask().getResource().getKey(),
operation);
boolean auditRequested = auditManager.auditRequested(
+ AuthContextUtils.getUsername(),
AuditElements.EventCategoryType.PUSH,
REALM_TYPE.toLowerCase(),
profile.getTask().getResource().getKey(),
@@ -408,6 +410,7 @@ public class DefaultRealmPushResultHandler
if (notificationsAvailable || auditRequested) {
Map<String, Object> jobMap = new HashMap<>();
jobMap.put(AfterHandlingEvent.JOBMAP_KEY, new AfterHandlingEvent(
+ AuthContextUtils.getUsername(),
AuditElements.EventCategoryType.PUSH,
REALM_TYPE.toLowerCase(),
profile.getTask().getResource().getKey(),
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
----------------------------------------------------------------------
diff --git a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
index 1cc5b61..e7b90d6 100644
--- a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
+++ b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
@@ -425,6 +425,7 @@ public class AuthDataAccessor {
@Transactional(readOnly = true)
public void audit(
+ final String who,
final AuditElements.EventCategoryType type,
final String category,
final String subcategory,
@@ -434,7 +435,7 @@ public class AuthDataAccessor {
final Object output,
final Object... input) {
- auditManager.audit(type, category, subcategory, event, result, before, output, input);
+ auditManager.audit(who, type, category, subcategory, event, result, before, output, input);
}
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/d5ac3469/core/spring/src/main/java/org/apache/syncope/core/spring/security/UsernamePasswordAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/core/spring/src/main/java/org/apache/syncope/core/spring/security/UsernamePasswordAuthenticationProvider.java b/core/spring/src/main/java/org/apache/syncope/core/spring/security/UsernamePasswordAuthenticationProvider.java
index 7b8d0c8..b127f46 100644
--- a/core/spring/src/main/java/org/apache/syncope/core/spring/security/UsernamePasswordAuthenticationProvider.java
+++ b/core/spring/src/main/java/org/apache/syncope/core/spring/security/UsernamePasswordAuthenticationProvider.java
@@ -141,13 +141,14 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro
UsernamePasswordAuthenticationToken token;
if (isAuthenticated) {
token = AuthContextUtils.execWithAuthContext(domainKey, () -> {
- UsernamePasswordAuthenticationToken token1 =
- new UsernamePasswordAuthenticationToken(
- username[0],
- null,
- dataAccessor.getAuthorities(username[0]));
+ UsernamePasswordAuthenticationToken token1 = new UsernamePasswordAuthenticationToken(
+ username[0],
+ null,
+ dataAccessor.getAuthorities(username[0]));
token1.setDetails(authentication.getDetails());
- dataAccessor.audit(AuditElements.EventCategoryType.LOGIC,
+ dataAccessor.audit(
+ username[0],
+ AuditElements.EventCategoryType.LOGIC,
AuditElements.AUTHENTICATION_CATEGORY, null,
AuditElements.LOGIN_EVENT, Result.SUCCESS, null, isAuthenticated, authentication,
"Successfully authenticated, with entitlements: " + token1.getAuthorities());
@@ -158,7 +159,9 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro
username[0], token.getAuthorities());
} else {
AuthContextUtils.execWithAuthContext(domainKey, () -> {
- dataAccessor.audit(AuditElements.EventCategoryType.LOGIC,
+ dataAccessor.audit(
+ username[0],
+ AuditElements.EventCategoryType.LOGIC,
AuditElements.AUTHENTICATION_CATEGORY,
null,
AuditElements.LOGIN_EVENT,