8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The contents of this file are subject to the terms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * of the Common Development and Distribution License
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * (the License). You may not use this file except in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * compliance with the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * You can obtain a copy of the License at
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * See the License for the specific language governing
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * permission and limitations under the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * When distributing Covered Code, include this CDDL
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Header Notice in each file and include the License file
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If applicable, add the following below the CDDL Header,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * with the fields enclosed by brackets [] replaced by
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * your own identifying information:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * $Id: Logger.java,v 1.15 2009/12/09 00:34:21 bigfatrat Exp $
ccf9d4a5c6453fa9f8b839baeee25147865fbb7dJames Phillpotts * Portions Copyrighted 2011-2016 ForgeRock AS.
ccf9d4a5c6453fa9f8b839baeee25147865fbb7dJames Phillpottsimport static org.forgerock.openam.utils.Time.*;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.common.ReaderWriterLock;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.log.messageid.LogMessageProviderBase;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.log.messageid.MessageProviderFactory;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.monitoring.MonitoringUtil;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.monitoring.SsoServerLoggingSvcImpl;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.monitoring.SsoServerLoggingHdlrEntryImpl;
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * OpenAM extension to the jdk1.4 Logger
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * This extension gives some functionality required by
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * OpenAM secure logger.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * For <code>JDK1.4</code> Logger please refer to
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * http://java.sun.com/j2se/1.4.1/docs/api/java/util/logging/Logger.html
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @supported.all.api
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterpublic class Logger extends java.util.logging.Logger {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static ThreadLocal token = new ThreadLocal();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Lock to prevent parallel writing and reading at the same time.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static ReaderWriterLock rwLock = new ReaderWriterLock();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster lm = (com.sun.identity.log.LogManager) LogManagerUtil.getLogManager();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /* our Debug system will no be up now, so can't Debug */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String location = lm.getProperty(LogConstants.LOG_LOCATION);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String type = lm.getProperty(LogConstants.BACKEND);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((location != null) && type.equals("File")) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Debug.error("Logger:Creation of Log Directory failed: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /* Check if hostnames have to be resolved */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster lm.getProperty(LogConstants.LOG_RESOLVE_HOSTNAME_ATTR)).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Protected method to construct a logger for a named subsystem.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The logger will be initially configured with a null Level
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * and with useParentHandlers true.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param name A name for the logger. This should be a
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * dot-separated name and should normally be based on the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * package name or class name of the subsystem, such as java.net
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * or javax.swing. It may be null for anonymous Loggers.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param resourceBundleName Name of the ResourceBundle to be used for
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * localizing messages for this logger. May be null if none
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * of the messages require localization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws MissingResourceException if the ResourceBundleName is
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * non-null and no corresponding resource can be found.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster protected Logger(String name,String resourceBundleName) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * To add handlers and formatters to the new logger object
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static void processNewLoggerObject (Logger result) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String levelProp = LogConstants.LOG_PROP_PREFIX + "." +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * see if logging level for this file already defined.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if not, then check AMConfig.properties.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if not, then use Logging service config value.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if not, then use default ("INFO")
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String levelString = lm.getProperty(levelProp);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((levelString == null) || !(levelString.length() > 0)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster levelString = SystemProperties.get (levelProp);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((levelString == null) || !(levelString.length() > 0)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster levelString = lm.getProperty(LogConstants.LOGGING_LEVEL);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((levelString == null) || !(levelString.length() > 0)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster levelString = LogConstants.DEFAULT_LOGGING_LEVEL_STR;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // but disabled logging in AMConfig.properties takes precedence
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String logStatus = lm.getProperty(LogConstants.LOG_STATUS_ATTR);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (logStatus != null && logStatus.startsWith("INACTIVE")) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "HandlerClass not in classpath ");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "HandlerClass not in classpath: " + handlerClass, e);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "constructor parameter mismatch ", e);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster handler = (Handler) cons.newInstance(parameterObjects);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "Could not instantiate handler: " + handlerClass, e);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "formatterClass not in classpath ");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster clz = Thread.currentThread().getContextClassLoader().
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "Could not load Formatter Class: " + formatterClass, e);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "Could not get Formatter instance " + formatterClass, e);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "Unable to add Handler", e);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String filterClassName = lm.getProperty(LogConstants.FILTER_CLASS_NAME);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster (Filter)Class.forName(filterClassName).newInstance();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster lm.getProperty(LogConstants.LOG_RESOLVE_HOSTNAME_ATTR)).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Directs every log call to <code>log(LogRecord, Object)</code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * And thus the default authorization check does not allow logging
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * when an application uses this interface.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param record The <code>LogRecord</code> to be logged.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /* In case of remote sso token must be provide. */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Debug.error("Logger.validateLogBy:" + logName +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ": remote logging, ssoToken is null; Will not log");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /* Authorizer need not be called in the case of remote. */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (!Authorizer.isAuthorized(logName, "MODIFY", cred)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster incMonReject(); // increment log svc and handler stats
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Debug.error("Logger.validateLogBy:" + logName +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ": authorization failed; Will not log");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return true;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private void addLogByInfo(ILogRecord record, Object cred) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String loggedBySID = ssoToken.getTokenID().toString();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster record.addLogInfo(LogConstants.LOGGED_BY_SID, loggedBySID);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ": could not get clientID from ssoToken:", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster record.addLogInfo(LogConstants.LOGGED_BY, clientID);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private void addModuleName(ILogRecord record) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster (String)record.getLogInfoMap().get(LogConstants.MODULE_NAME);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (existModuleName == null || existModuleName.length() <= 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /* add module name only if it's already not added. */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster record.addLogInfo(LogConstants.MODULE_NAME, this.getName());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Log entitlement log record.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param record Log record.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (record instanceof java.util.logging.LogRecord) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster log((java.util.logging.LogRecord)record, cred);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "Logger.log: cannot log non java.util.logging.LogRecord class");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static Object getPrivateCred(Subject sbj) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return ((privCreds != null) && !privCreds.isEmpty()) ?
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Calls super.log after checking authorization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Data is not logged at all if this check fails.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param record The <code>LogRecord</code> to be logged.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param cred To prove authorization for log WRITE.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The default authorization hook checks validity of the single
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * sign on token which should be passed as the <code>cred</code>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void log(LogRecord record, Object cred) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (record instanceof com.sun.identity.log.ILogRecord) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster com.sun.identity.log.ILogRecord openssoLogRecord =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * These are normally done by the LogManager private method
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * doLog(). But since this record is not passing through that
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * method we have to explicitly do this.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * ResourceBundle logic has been simplified.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ResourceBundle bundle = ResourceBundle.getBundle(rbName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * this is to serialize logging,signing and verifying
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * threads so that no signing or verification takes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * place once a logging thread has gone past this point
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster synchronized (this) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Debug.error("Logger.writeToLog:" + logName + ":" + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw new AMLogException(logName + ":" + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /** Writes all the buffered log records.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Post the LogRecord to all our Handlers, and then to
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * our parents' handlers, all the way up the tree.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Find or create a logger for a named subsystem. If a logger has
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * already been created with the given name it is returned. Otherwise
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * a new logger is created.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If a new logger is created its log level will be configured
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * based on the <code>LogManager</code> and it will be configured NOT to
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * send logging output to its parent loggers Handlers. It will be
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * registered in the <code>LogManager</code> global namespace.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param name A name for the logger. This should be a dot-separated name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * and should be the file name you want to have for your logs,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * such as <code>amSSO.access</code>, or audit.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return a suitable <code>Logger</code>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static synchronized java.util.logging.Logger getLogger(String name)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((name == null) || (name.length() == 0) || name.indexOf("..") >= 0)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /* Do not allow logging if logName has "..". */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster boolean loggerExists = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster java.util.logging.Logger newLog = (java.util.logging.Logger)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /* Logging service starts earlier than Monitoring.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Because of this the first call to LogManager's readConfiguration()
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * does not update the monitoring handle with the config information for
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * logging. Hence we need to call updateMonitConfigForLogService() here
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * to make sure the monitoring handle does get updated with the config
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * information eventually.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /** Find or create a logger for a named subsystem. If a logger has
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * already been created with the given name it is returned. Otherwise
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * a new logger is created.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If a new logger is created, its log level will be configured
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * based on the <code>LogManager</code> and it will configured to also
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * send logging output to its parent logger's Handlers. It will be
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * registered in the <code>LogManager</code> global namespace.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If the named Logger already exists and does not yet have a
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * localization resource bundle then the given resource bundle
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name is used. If the named Logger already exists and has
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * a different resource bundle name then an
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <code>IllegalArgumentException</code> is thrown.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param name A name for the logger. This should be a dot-separated name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * and should be the file name you want to have for your logs, such
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * as <code>amSSO.access</code> or audit.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param rbName A resource bundle to be used for localizing the log
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return logger for a named subsystem.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static synchronized java.util.logging.Logger getLogger(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((name == null) || (name.length() == 0) || name.indexOf("..") >= 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /* Do not allow logging if logName has "..". */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster boolean loggerExists = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // The LoggerName is in the list, but we should check whether the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // referenced Logger still exists, see OPENAM-14
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster java.util.logging.Logger.getLogger(name, rbName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the logger is a new object, we have to set the appropriate
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * handlers and formatters to the logger before returning the result.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Log a LogRecord indicating the start of logging to this file
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static void logStartRecord (Logger logger) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * SSOToken not required to instantiate a log file, so
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * need one to say who's doing the logging of the record,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * and whose it "about".
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster (LogMessageProviderBase)MessageProviderFactory.getProvider(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SSOToken ssot = LogManagerUtil.getLoggingSSOToken();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String location = lm.getProperty(LogConstants.LOG_LOCATION);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster provider.createLogRecord(LogConstants.START_LOG_NEW_LOGGER_NAME,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Debug.error("Logger.logStartRecord:could not log to " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns the current file to which the logger's handler is writing.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * This is useful only in case of file..
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return the current file to which the logger's handler is writing.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Set the current file to which the logger's handler is writing.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param fileName name of file.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return whether resolve host name is enabled
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return <code>resolveHostName</code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static boolean resolveHostNameEnabled() {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster static void extractInfoFromLogFor(ILogRecord rec)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String ctxID = ssoToken.getProperty(Constants.AM_CTX_ID);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster rec.addLogInfo(LogConstants.CONTEXT_ID, ctxID);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String clientDomain = ssoToken.getProperty("Organization");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (clientDomain == null || clientDomain.length() == 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster clientDomain = ssoToken.getProperty("cdomain");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster rec.addLogInfo(LogConstants.DOMAIN, clientDomain);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * these are the compulsory fields ... to be logged even if there are
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * exceptions while getting domain, loginid, ipaddr, hostname
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster rec.addLogInfo(LogConstants.TIME, sdf.format(date));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (rec instanceof java.util.logging.LogRecord) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster rec.addLogInfo(LogConstants.DATA, jLogRecord.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster static void resolveHostName(ILogRecord rec, SSOToken ssoToken)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * using the SSOToken, get the hostname first, as
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * getting the IPAddr appears to use an Inet call using
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the hostname...
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if com.sun.identity.log.resolveHostName=false, then
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * IPAddr field will end up "Not Available"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster java.net.InetAddress ipAddr = ssoToken.getIPAddress();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * getting a leading "/" from InetAddress.getByName(host)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * in SSOTokenImpl.java when "host" is an IPaddress.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if no hostname returned, or only IP address,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * try getting hostname from InetAddr
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ((ipAddress != null) && (ipAddress.equals(hostName)))) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster rec.addLogInfo(LogConstants.HOST_NAME, hostName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster rec.addLogInfo(LogConstants.IP_ADDR, ipAddress);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * increment the logging service LoggingRecsRejected attribute and
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the logging handler's (File, DB, and Secure only) LoggingHdlrFailureCt.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * this is for the count of rejections due to unauthorized userid trying
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * to write to the log.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (LogManager.isLocal && MonitoringUtil.isRunning()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // logging service stat
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // handler's stat
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // if DB then database, else if secure then secure file, else file
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SsoServerLoggingSvcImpl.SECURE_FILE_HANDLER_NAME);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * also increment handler's request count. if it gets
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * through the authorization check, it gets incremented
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * in the handler itself.