Logger.java revision 8d3140b524c0e28c0a49dc7c7d481123ef3cfe11
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: Logger.java,v 1.15 2009/12/09 00:34:21 bigfatrat Exp $
*
*/
/*
* Portions Copyrighted 2011 ForgeRock AS
*/
/**
* OpenAM extension to the jdk1.4 Logger
* This extension gives some functionality required by
* OpenAM secure logger.
* For <code>JDK1.4</code> Logger please refer to
* <pre>
* </pre>
* @supported.all.api
*/
private static LogManager lm;
protected static boolean resolveHostName;
/**
* Lock to prevent parallel writing and reading at the same time.
*/
static {
try {
/* our Debug system will no be up now, so can't Debug */
}
location);
}
}
}
/* Check if hostnames have to be resolved */
booleanValue();
}
/**
* Protected method to construct a logger for a named subsystem.
* <p>
* The logger will be initially configured with a null Level
* and with useParentHandlers true.
*
* @param name A name for the logger. This should be a
* dot-separated name and should normally be based on the
* package name or class name of the subsystem, such as java.net
* or javax.swing. It may be null for anonymous Loggers.
* @param resourceBundleName Name of the ResourceBundle to be used for
* localizing messages for this logger. May be null if none
* of the messages require localization.
* @throws MissingResourceException if the ResourceBundleName is
* non-null and no corresponding resource can be found.
*/
super(name,resourceBundleName);
}
/**
* To add handlers and formatters to the new logger object
*/
/*
* see if logging level for this file already defined.
* if not, then check AMConfig.properties.
* if not, then use Logging service config value.
* if not, then use default ("INFO")
*/
}
}
}
try {
} catch (IllegalArgumentException iaex) {
}
// but disabled logging in AMConfig.properties takes precedence
}
if (handlerClass == null) {
"HandlerClass not in classpath ");
return;
}
try {
} catch (Exception e) {
"HandlerClass not in classpath: " + handlerClass, e);
return;
}
try {
}
} catch (Exception e) {
"constructor parameter mismatch ", e);
return;
}
try {
}
} catch (Exception e) {
"Could not instantiate handler: " + handlerClass, e);
return;
}
if (formatterClass == null) {
"formatterClass not in classpath ");
return;
}
try {
} catch (Exception e) {
"Could not load Formatter Class: " + formatterClass, e);
return;
}
try {
}
} catch (Exception e) {
"Could not get Formatter instance " + formatterClass, e);
return;
}
try {
} catch (Exception e) {
"Unable to add Handler", e);
return;
}
try {
if (filterClassName != null) {
}
} catch (Exception e) {
"Could not set Filter: "+ filterClassName, e);
}
result.setUseParentHandlers(false);
booleanValue();
}
/**
* Directs every log call to <code>log(LogRecord, Object)</code>
* And thus the default authorization check does not allow logging
* when an application uses this interface.
*
* @param record The <code>LogRecord</code> to be logged.
*/
if (record instanceof ILogRecord) {
} else {
}
}
if (!LogManager.isLocal) {
/* In case of remote sso token must be provide. */
": remote logging, ssoToken is null; Will not log");
return false;
}
} else {
/* Authorizer need not be called in the case of remote. */
incMonReject(); // increment log svc and handler stats
": authorization failed; Will not log");
}
}
return true;
}
try {
} catch (SSOException ssoe) {
": could not get clientID from ssoToken:", ssoe);
}
}
}
/* add module name only if it's already not added. */
}
}
/**
* Log entitlement log record.
*
* @param record Log record.
*/
try {
} catch (SSOException e) {
}
} else {
"Logger.log: cannot log non java.util.logging.LogRecord class");
}
}
}
/**
* Calls super.log after checking authorization.
* Data is not logged at all if this check fails.
*
* @param record The <code>LogRecord</code> to be logged.
* @param cred To prove authorization for log WRITE.
* The default authorization hook checks validity of the single
* sign on token which should be passed as the <code>cred</code>.
*/
}
/*
* These are normally done by the LogManager private method
* doLog(). But since this record is not passing through that
* method we have to explicitly do this.
* ResourceBundle logic has been simplified.
*/
}
}
try {
/*
* this is to serialize logging,signing and verifying
* threads so that no signing or verification takes
* place once a logging thread has gone past this point
*/
synchronized (this) {
}
} else {
}
} finally {
}
}
/** Writes all the buffered log records.
*/
public void flush() {
/*
* Post the LogRecord to all our Handlers, and then to
* our parents' handlers, all the way up the tree.
*/
}
}
}
/**
* Find or create a logger for a named subsystem. If a logger has
* already been created with the given name it is returned. Otherwise
* a new logger is created.
* <p>
* If a new logger is created its log level will be configured
* based on the <code>LogManager</code> and it will be configured NOT to
* send logging output to its parent loggers Handlers. It will be
* registered in the <code>LogManager</code> global namespace.
*
* @param name A name for the logger. This should be a dot-separated name
* and should be the file name you want to have for your logs,
* such as <code>amSSO.access</code>, or audit.
* @return a suitable <code>Logger</code>.
*/
{
{
/* Do not allow logging if logName has "..". */
return null;
}
boolean loggerExists = false;
while (e.hasMoreElements()) {
loggerExists = true;
}
}
if (loggerExists) {
return result;
}
}
if (SystemProperties.isServerMode()) {
}
/* Logging service starts earlier than Monitoring.
* Because of this the first call to LogManager's readConfiguration()
* does not update the monitoring handle with the config information for
* logging. Hence we need to call updateMonitConfigForLogService() here
* to make sure the monitoring handle does get updated with the config
* information eventually.
*/
if(!lm.isMonitoringInit){
}
return result;
}
/** Find or create a logger for a named subsystem. If a logger has
* already been created with the given name it is returned. Otherwise
* a new logger is created.
* <p>
* If a new logger is created, its log level will be configured
* based on the <code>LogManager</code> and it will configured to also
* send logging output to its parent logger's Handlers. It will be
* registered in the <code>LogManager</code> global namespace.
* <p>
* If the named Logger already exists and does not yet have a
* localization resource bundle then the given resource bundle
* name is used. If the named Logger already exists and has
* a different resource bundle name then an
* <code>IllegalArgumentException</code> is thrown.
*
* @param name A name for the logger. This should be a dot-separated name
* and should be the file name you want to have for your logs, such
* as <code>amSSO.access</code> or audit.
* @param rbName A resource bundle to be used for localizing the log
* messages.
* @return logger for a named subsystem.
*/
{
/* Do not allow logging if logName has "..". */
return null;
}
boolean loggerExists = false;
while (e.hasMoreElements()) {
// The LoggerName is in the list, but we should check whether the
// referenced Logger still exists, see OPENAM-14
loggerExists = true;
}
}
}
if (loggerExists) {
return result;
}
/*
* if the logger is a new object, we have to set the appropriate
* handlers and formatters to the logger before returning the result.
*/
if (SystemProperties.isServerMode()) {
}
return result;
}
/**
* Log a LogRecord indicating the start of logging to this file
*/
/*
* SSOToken not required to instantiate a log file, so
* need one to say who's doing the logging of the record,
* and whose it "about".
*/
try {
"Logging");
s, ssot);
} catch (IOException ioex) {
}
}
/**
* Returns the current file to which the logger's handler is writing.
* This is useful only in case of file..
*
* @return the current file to which the logger's handler is writing.
*/
public String getCurrentFile() {
return currentFileName;
}
/**
* Set the current file to which the logger's handler is writing.
*
* @param fileName name of file.
*/
}
/**
* Return whether resolve host name is enabled
*
* @return <code>resolveHostName</code>
*/
public static boolean resolveHostNameEnabled() {
return resolveHostName;
}
throws SSOException {
return;
}
}
}
/*
* these are the compulsory fields ... to be logged even if there are
* exceptions while getting domain, loginid, ipaddr, hostname
*/
}
}
throws SSOException {
/*
* using the SSOToken, get the hostname first, as
* getting the IPAddr appears to use an Inet call using
* the hostname...
*
* if com.sun.identity.log.resolveHostName=false, then
* IPAddr field will end up "Not Available"
*/
if (Logger.resolveHostName) {
/*
* getting a leading "/" from InetAddress.getByName(host)
* in SSOTokenImpl.java when "host" is an IPaddress.
*/
/*
* if no hostname returned, or only IP address,
* try getting hostname from InetAddr
*/
}
}
}
}
/*
* increment the logging service LoggingRecsRejected attribute and
* the logging handler's (File, DB, and Secure only) LoggingHdlrFailureCt.
* this is for the count of rejections due to unauthorized userid trying
* to write to the log.
*/
private void incMonReject() {
// logging service stat
}
// handler's stat
// if DB then database, else if secure then secure file, else file
if (lm.isDBLogging()) {
} else {
}
/*
* also increment handler's request count. if it gets
* through the authorization check, it gets incremented
* in the handler itself.
*/
}
}
}
}