AuthenticationProcessEventAuditor.java revision 1fabde922343287141b5f73db141ec0566c5052d
/*
* The contents of this file are subject to the terms of the Common Development and
* Distribution License (the License). You may not use this file except in compliance with the
* License.
*
* You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
* specific language governing permission and limitations under the License.
*
* When distributing Covered Software, include this CDDL Header Notice in each file and include
* the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
* Header, with the fields enclosed by brackets [] replaced by your own identifying
* information: "Portions copyright [year] [name of copyright owner]".
*
* Copyright 2015-2016 ForgeRock AS.
*/
/**
* This auditor is specifically aimed at constructing and logging authentication events for the login process.
* The Javadoc in this class describes three kinds of event: successful completion of an authentication
* process, failure of an authentication process, and logout.
*
* NOTE(review): in this listing the method signatures and most body statements are absent; only the
* Javadoc and the control-flow skeleton (guards, try/catch, returns, one switch) are visible. The comments
* below are limited to what those visible lines show.
*
* @since 13.0.0
*/
public class AuthenticationProcessEventAuditor extends AbstractAuthenticationEventAuditor {
/**
* Constructor for {@link AuthenticationProcessEventAuditor}. Both arguments are passed unchanged to the
* superclass constructor.
*
* @param eventPublisher The publisher responsible for logging the events.
* @param eventFactory The factory that can be used to create the events.
*/
public AuthenticationProcessEventAuditor(AuditEventPublisher eventPublisher, AuditEventFactory eventFactory) {
super(eventPublisher, eventFactory);
}
/**
* Log an authentication process successful completion event.
*
* @param loginState The login state object. The visible guard below shows that {@code null} is tolerated.
*/
// NOTE(review): the signature and the statements of this method are missing from this listing. Only the
// null guard on loginState is visible; what it protects is not shown.
if (loginState != null) {
}
}
}
/**
* Log an authentication process failure event.
*
* @param loginState The login state object.
*/
// NOTE(review): only the closing brace of this method is visible. Presumably it is the single-argument
// overload of the failure method documented next; confirm against the full file.
}
/**
* Log an authentication process failure event.
*
* Because unmapped error codes fall back to {@link AuthenticationFailureReason#LOGIN_FAILED}, that value in
* an audit record can stand either for a generic failure or for an error code this class does not map.
*
* @param loginState The login state object.
* @param failureReason The reason for the failure. If {@code failureReason} is null then the value of
* {@link LoginState#getErrorCode()} will be mapped to an {@link AuthenticationFailureReason} with
* {@link AuthenticationFailureReason#LOGIN_FAILED} as default if the value could not be mapped.
*/
// A null failureReason is the documented trigger for deriving the reason from the login state's error code.
// NOTE(review): the statement that performs the mapping is not visible in this listing.
if (failureReason == null) {
}
}
}
/**
* Log a logout event.
*
* @param token The {@link SSOToken} of the event.
*/
// NOTE(review): the statements inside this try block, which can raise SSOException, are not visible here.
try {
} catch (SSOException e) {
// NOTE(review): the handler body is not visible in this listing. Confirm that the failure is at least
// logged, so that a logout entry lacking token-derived fields can be explained during audit review.
}
// The host value is only used when it is non-empty; the statement inside the guard is not shown.
if (isNotEmpty(host)) {
}
}
}
// NOTE(review): the signature of this method is missing from this listing. The visible skeleton guards on
// loginState being non-null, guards on ip being non-empty, and returns entryDetail.
if (loginState != null) {
if (isNotEmpty(ip)) {
}
}
}
return entryDetail;
}
// NOTE(review): the signature of this method is missing from this listing. When the try block raises
// SSOException the visible handler returns null, so callers have to treat null as "value unavailable".
try {
} catch (SSOException e) {
return null;
}
}
// Early fallback to LOGIN_FAILED. NOTE(review): the condition guarding this return is not visible;
// presumably it covers a missing error code. Confirm against the full file.
return LOGIN_FAILED;
}
// Maps an error code to a failure reason (presumably AuthenticationFailureReason constants, per the Javadoc
// of the failure method above). Most case labels are missing from this listing; the only pairing that is
// visible is AMAuthErrorCode.AUTH_TIMEOUT -> LOGIN_TIMEOUT. MODULE_DENIED is returned by two branches.
switch (errorCode) {
return NO_USER_PROFILE;
return ACCOUNT_EXPIRED;
return INVALID_PASSWORD;
return USER_INACTIVE;
return NO_CONFIG;
return INVALID_REALM;
return REALM_INACTIVE;
case AMAuthErrorCode.AUTH_TIMEOUT:
return LOGIN_TIMEOUT;
return MODULE_DENIED;
return MODULE_NOT_FOUND;
return LOCKED_OUT;
return USER_NOT_FOUND;
return AUTH_TYPE_DENIED;
return MAX_SESSION_REACHED;
return SESSION_CREATE_ERROR;
return INVALID_LEVEL;
return MODULE_DENIED;
default:
// Any error code without its own case is reported as LOGIN_FAILED, so this reason alone does not
// identify the underlying code. NOTE(review): check whether the raw error code is recorded elsewhere
// in the audit entry; that is not visible in this listing.
return LOGIN_FAILED;
}
}
}