log/service/LogRecWrite.java

	LogRecWrite.java revision bab1e6524fca64a55ecfc2503295092db8e0f48e
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce/**
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce *
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce *
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * The contents of this file are subject to the terms
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * of the Common Development and Distribution License
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * (the License). You may not use this file except in
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * compliance with the License.
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce *
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * You can obtain a copy of the License at
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * https://opensso.dev.java.net/public/CDDLv1.0.html or
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * opensso/legal/CDDLv1.0.txt
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * See the License for the specific language governing
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * permission and limitations under the License.
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce *
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * When distributing Covered Code, include this CDDL
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * Header Notice in each file and include the License file
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * at opensso/legal/CDDLv1.0.txt.
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * If applicable, add the following below the CDDL Header,
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * with the fields enclosed by brackets [] replaced by
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * your own identifying information:
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * "Portions Copyrighted [year] [name of copyright owner]"
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce *
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * $Id: LogRecWrite.java,v 1.6 2009/06/19 02:33:29 bigfatrat Exp $
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce *
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * Portions Copyrighted 2011-2015 ForgeRock AS
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * Portions Copyrighted 2013 Nomura Research Institute, Ltd
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce */
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorcepackage com.sun.identity.log.service;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport static java.util.concurrent.TimeUnit.MILLISECONDS;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport static org.forgerock.openam.audit.AuditConstants.*;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport static org.forgerock.openam.utils.CollectionUtils.getFirstItem;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.iplanet.dpro.parser.ParseOutput;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.iplanet.services.comm.share.Response;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.iplanet.sso.SSOException;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.iplanet.sso.SSOToken;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.iplanet.sso.SSOTokenManager;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.sun.identity.idm.IdRepoException;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.sun.identity.idm.IdUtils;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.sun.identity.log.LogConstants;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.sun.identity.log.LogRecord;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.sun.identity.log.Logger;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.sun.identity.log.s1is.LogSSOTokenDetails;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.sun.identity.log.service.AgentLogParser.LogExtracts;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.sun.identity.log.spi.Debug;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.sun.identity.monitoring.Agent;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.sun.identity.monitoring.MonitoringUtil;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.sun.identity.monitoring.SsoServerLoggingHdlrEntryImpl;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport com.sun.identity.monitoring.SsoServerLoggingSvcImpl;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport org.forgerock.audit.events.AuditEvent;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport org.forgerock.openam.audit.AMAuditEventBuilderUtils;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport org.forgerock.openam.audit.AuditConstants;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport org.forgerock.openam.audit.AuditEventFactory;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport org.forgerock.openam.audit.AuditEventPublisher;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport org.forgerock.openam.audit.context.AuditRequestContext;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport org.forgerock.openam.utils.StringUtils;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport java.util.Collections;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport java.util.Hashtable;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport java.util.Iterator;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport java.util.List;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport java.util.Map;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport java.util.Set;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport java.util.Vector;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorceimport java.util.logging.Level;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce/**
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * This class implements <code>ParseOutput</code> interface and <code>
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * LogOperation</code> interface. It is parsing request and process the request.
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce * log record. This class is registered with the SAX parser.
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce */
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorcepublic class LogRecWrite implements LogOperation, ParseOutput {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce    private static final String EVALUATION_REALM = "org.forgerock.openam.agents.config.policy.evaluation.realm";
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce    String _logname;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce    String _loggedBySid;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce    Vector _records = new Vector();
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce    /**
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce     * Return result of the request processing in <code>Response</code>
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce     * @return result of the request processing in <code>Response</code>
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce     */
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce    public Response execute(AuditEventPublisher auditEventPublisher, AuditEventFactory auditEventFactory) {
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek        Response res = new Response("OK");
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        SsoServerLoggingSvcImpl slsi = null;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        SsoServerLoggingHdlrEntryImpl slei = null;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        if (MonitoringUtil.isRunning()) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            slsi = Agent.getLoggingSvcMBean();
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek            slei = slsi.getHandler(SsoServerLoggingSvcImpl.REMOTE_HANDLER_NAME);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        Logger logger = (Logger)Logger.getLogger(_logname);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        if (Debug.messageEnabled()) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            Debug.message("LogRecWrite: exec: logname = " + _logname);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        }
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek        Level level =
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek            Level.parse(((com.sun.identity.log.service.LogRecord)_records.
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        elementAt(0)).level);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        String msg = ((com.sun.identity.log.service.LogRecord)_records.
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        elementAt(0)).msg;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        Map logInfoMap = ((com.sun.identity.log.service.LogRecord)_records.
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        elementAt(0)).logInfoMap;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        Object [] parameters =
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            ((com.sun.identity.log.service.LogRecord)_records.
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        elementAt(0)).parameters;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek        try {
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek            msg = new String(com.sun.identity.shared.encode.Base64.decode(msg));
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek        } catch(RuntimeException ex){
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            // if message is not base64 encoded just ignore &
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            // write msg as it is.
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            if (Debug.messageEnabled()) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                Debug.message("LogRecWrite: message is not base64 encoded");
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        }
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        LogRecord rec = new LogRecord(level, msg);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        if (logInfoMap != null) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            String loginIDSid =
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                (String)logInfoMap.get(LogConstants.LOGIN_ID_SID);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            if (loginIDSid != null && loginIDSid.length() > 0) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                SSOToken loginIDToken = null;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                try {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    SSOTokenManager ssom = SSOTokenManager.getInstance();
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    loginIDToken = ssom.createSSOToken(loginIDSid);
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek                } catch (SSOException e) {
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek                    if (Debug.warningEnabled()) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                        Debug.warning("LogService::process(): SSOException", e);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    rec.setLogInfoMap(logInfoMap);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                if (loginIDToken != null){
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    // here fill up logInfo into the newlr
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    rec = LogSSOTokenDetails.logSSOTokenInfo(rec, loginIDToken);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    // now take one be one values from logInfoMap and overwrite
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    // any populated value from sso token.
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    Set keySet = logInfoMap.keySet();
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    Iterator i = keySet.iterator();
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    String key = null;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    String value = null;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    while (i.hasNext()) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                        key = (String)i.next();
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                        value = (String)logInfoMap.get(key);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                        if(value != null && value.length() > 0) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                            if (key.equalsIgnoreCase(LogConstants.DATA)) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                                try {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                                    value = new String(
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                                   com.sun.identity.shared.encode.Base64.decode(
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                                        value));
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                                } catch(RuntimeException ex){
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                                    // if message is not base64 encoded just
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                                    // ignore & write msg as it is.
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                                    if (Debug.messageEnabled()) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                                        Debug.message(
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                                            "LogRecWrite: data is not "
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                                            + "base64 encoded");
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                                    }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                                }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                            }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                            rec.addLogInfo(key, value);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                        }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                    }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            } else {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                rec.setLogInfoMap(logInfoMap);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        rec.addLogInfo(LogConstants.LOG_LEVEL, rec.getLevel().toString());
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        rec.setParameters(parameters);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        SSOToken loggedByToken = null;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        String realm = NO_REALM;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        try {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            SSOTokenManager ssom = SSOTokenManager.getInstance();
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            loggedByToken = ssom.createSSOToken(_loggedBySid);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            Map<String, Set<String>> appAttributes = IdUtils.getIdentity(loggedByToken).getAttributes();
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            realm = getFirstItem(appAttributes.get(EVALUATION_REALM), NO_REALM);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        } catch (IdRepoException | SSOException ssoe) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            Debug.error("LogRecWrite: exec:SSOException: ", ssoe);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        if (MonitoringUtil.isRunning()) {
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek            slei.incHandlerRequestCount(1);
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek        }
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek        auditAccessMessage(auditEventPublisher, auditEventFactory, rec, realm);
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek        logger.log(rec, loggedByToken);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        // Log file record write okay and return OK
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        if (MonitoringUtil.isRunning()) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            slei.incHandlerSuccessCount(1);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        return res;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce    }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce    private void auditAccessMessage(AuditEventPublisher auditEventPublisher, AuditEventFactory auditEventFactory,
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            LogRecord record, String realm) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        if (!auditEventPublisher.isAuditing(realm, AuditConstants.ACCESS_TOPIC)) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            return;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        AgentLogParser logParser = new AgentLogParser();
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        LogExtracts logExtracts = logParser.tryParse(record.getMessage());
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        if (logExtracts == null) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            // A message type of no interest
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek            return;
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek        }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        @SuppressWarnings("unchecked")
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        Map<String, String> info = record.getLogInfoMap();
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        String clientIp = info.get(LogConstants.IP_ADDR);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        if (StringUtils.isEmpty(clientIp)) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            clientIp = info.get(LogConstants.HOST_NAME);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        String contextId = info.get(LogConstants.CONTEXT_ID);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        String clientId = info.get(LogConstants.LOGIN_ID);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        String resourceUrl = logExtracts.getResourceUrl();
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        int queryStringIndex = resourceUrl.indexOf('?');
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        String queryString = queryStringIndex > -1 ? resourceUrl.substring(queryStringIndex) : "";
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        String path = resourceUrl.replace(queryString, "");
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        Map<String, List<String>> queryParameters = AMAuditEventBuilderUtils.getQueryParametersAsMap(queryString);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        AuditEvent auditEvent = auditEventFactory.accessEvent(realm)
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek                .transactionId(AuditRequestContext.getTransactionIdValue())
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek                .eventName(EventName.AM_ACCESS_ATTEMPT)
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek                .component(Component.POLICY_AGENT)
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                .authentication(clientId)
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                .http("UNKNOWN", path, queryParameters, Collections.<String, List<String>>emptyMap())
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                .request("HTTP", "UNKNOWN")
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek                .client(clientIp)
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek                .trackingId(contextId)
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek                .response(null, logExtracts.getStatus(), -1, MILLISECONDS)
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek                .toEvent();
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        auditEventPublisher.tryPublish(AuditConstants.ACCESS_TOPIC, auditEvent);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce    }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce    /**
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek     * The method that implements the ParseOutput interface. This is called
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek     * by the SAX parser.
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek     * @param name name of request
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce     * @param elems vaector has parsing elements
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce     * @param atts parsing attributes
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce     * @param pcdata given data to be parsed.
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek     */
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek    public void process(String name, Vector elems, Hashtable atts,
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek    String pcdata) {
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek
7128fadade544efcd86b113a5090b00d20993671Jakub Hrozek        _logname = ((Log) elems.elementAt(0))._logname;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        _loggedBySid = ((Log) elems.elementAt(0))._loggedBySid;
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        for (int i = 1; i < elems.size(); i++) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            com.sun.identity.log.service.LogRecord lr =
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce                (com.sun.identity.log.service.LogRecord)elems.elementAt(i);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce            _records.addElement(lr);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce        }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce    }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce} //end of LogRecWrite
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce