AuditServiceImpl.java revision c0f9d2b68dafb8bb2faaea3a47a3f5554462427e
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * Copyright 2011-2015 ForgeRock AS.
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * The contents of this file are subject to the terms
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * of the Common Development and Distribution License
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * (the License). You may not use this file except in
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * compliance with the License.
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * You can obtain a copy of the License at
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * See the License for the specific language governing
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * permission and limitations under the License.
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * When distributing Covered Code, include this CDDL
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * Header Notice in each file and include the License file
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * If applicable, add the following below the CDDL Header,
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * with the fields enclosed by brackets [] replaced by
e62cb87bae732e9968199a3ad153cc94004b7182vboxsync * your own identifying information:
456f370fcde010d585d9174df045978a6c9893c1vboxsync * "Portions Copyrighted [year] [name of copyright owner]"
e62cb87bae732e9968199a3ad153cc94004b7182vboxsyncimport static org.forgerock.json.resource.Responses.newActionResponse;
3f8fa562bb916e87b0beff9ec2a4e241c643dcc8vboxsyncimport static org.forgerock.json.resource.Responses.newResourceResponse;
e62cb87bae732e9968199a3ad153cc94004b7182vboxsyncimport static org.forgerock.openidm.audit.impl.AuditLogFilters.AS_SINGLE_FIELD_VALUES_FILTER;
e62cb87bae732e9968199a3ad153cc94004b7182vboxsyncimport static org.forgerock.openidm.audit.impl.AuditLogFilters.NEVER_FILTER;
e62cb87bae732e9968199a3ad153cc94004b7182vboxsyncimport static org.forgerock.openidm.audit.impl.AuditLogFilters.TYPE_ACTIVITY;
e62cb87bae732e9968199a3ad153cc94004b7182vboxsyncimport static org.forgerock.openidm.audit.impl.AuditLogFilters.TYPE_CONFIG;
e62cb87bae732e9968199a3ad153cc94004b7182vboxsyncimport static org.forgerock.openidm.audit.impl.AuditLogFilters.newActionFilter;
e62cb87bae732e9968199a3ad153cc94004b7182vboxsyncimport static org.forgerock.openidm.audit.impl.AuditLogFilters.newAndCompositeFilter;
e62cb87bae732e9968199a3ad153cc94004b7182vboxsyncimport static org.forgerock.openidm.audit.impl.AuditLogFilters.newEventTypeFilter;
a8b8210245d32ccaa2790ab8d69e43a83c2c0670vboxsyncimport static org.forgerock.openidm.audit.impl.AuditLogFilters.newOrCompositeFilter;
a8b8210245d32ccaa2790ab8d69e43a83c2c0670vboxsyncimport static org.forgerock.openidm.audit.impl.AuditLogFilters.newReconActionFilter;
a8b8210245d32ccaa2790ab8d69e43a83c2c0670vboxsyncimport static org.forgerock.openidm.audit.impl.AuditLogFilters.newScriptedFilter;
e62cb87bae732e9968199a3ad153cc94004b7182vboxsyncimport org.apache.felix.scr.annotations.ConfigurationPolicy;
e62cb87bae732e9968199a3ad153cc94004b7182vboxsyncimport org.apache.felix.scr.annotations.ReferencePolicy;
e62cb87bae732e9968199a3ad153cc94004b7182vboxsyncimport org.forgerock.audit.AuditServiceConfiguration;
5601bfbc69ea7f9194242feb79e89441d8d241f9vboxsyncimport org.forgerock.audit.events.EventTopicsMetaData;
@Component(name = "org.forgerock.openidm.audit", immediate=true, policy=ConfigurationPolicy.REQUIRE)
@Properties({
/* filter activity events on configured actions to include when a particular trigger context is in scope */
/* filter recon events on configured actions to include when a particular trigger context is in scope */
private enum DefaultAuditTopics {
sync,
// Upon activation the ScriptRegistry is present so we can add script-based audit log filters for event
} catch (Exception e) {
final JsonValue topics = AuditJsonConfig.getJson(getClass().getResourceAsStream("/auditTopics.json"));
return (T) connectionFactory;
throw ex;
return pointers;
// don't call deactivate since the AuditServiceProxy in the activate will call shutdown on the old audit
cleanup();
throw ex;
cleanup();
private void cleanup() {
public Promise<ResourceResponse, ResourceException> handleRead(Context context, ReadRequest request) {
public Promise<ResourceResponse, ResourceException> handleCreate(Context context, CreateRequest request) {
return new BadRequestException("Audit service called without specifying which audit log in the identifier")
.asPromise();
} catch (Exception e) {
.asPromise();
LOGGER.debug("Audit create called for {} with {}", request.getResourcePath(), request.getContent().asMap());
public Promise<ResourceResponse, ResourceException> handleUpdate(Context context, UpdateRequest request) {
public Promise<ResourceResponse, ResourceException> handleDelete(Context context, DeleteRequest request) {
public Promise<ResourceResponse, ResourceException> handlePatch(Context context, PatchRequest request) {
* <li>The top level map contains meta-data about the query, plus an entry with the actual result records.
* <li>The <code>QueryConstants</code> defines the map keys, including the result records (QUERY_RESULT)
public Promise<QueryResponse, ResourceException> handleQuery(final Context context, final QueryRequest request,
LOGGER.debug("Audit query called for {} with {}", request.getResourcePath(), request.getAdditionalParameters());
public Promise<ActionResponse, ResourceException> handleAction(Context context, ActionRequest request) {
} catch (Exception e) {
switch (requestAction) {
case getChangedWatchedFields:
case getChangedPasswordFields:
case availableHandlers:
private List<String> checkForFields(List<JsonPointer> fieldsToCheck, JsonValue before, JsonValue after) {
return changedFields;
private Promise<ActionResponse, ResourceException> getAvailableAuditEventHandlersWithConfigSchema() {
final List<String> availableAuditEventHandlers = auditService.getConfig().getAvailableAuditEventHandlers();
return new InternalServerErrorException(
.asPromise();
return customTopics;