Package com.gigaspaces.security.audit

Service-side security auditing

See: Description

Interface Summary

Interface	Description
SecurityAudit	Security auditing interface

Class Summary

Class	Description
AuditDetails	The AuditDetails are client side auditing details sent to the server on each authentication request.
AuditFormatter
AuditHandler	A declarable extension to RollingFileHandler.
AuditLogRecord	The java logging facility formats a LogRecord before it is logged.
LoggerSecurityAudit	Server-side security auditing using the configuration given entirely by the LogManager properties.

Package com.gigaspaces.security.audit Description

Service-side security auditing

Configuring the security audit implementation class as part of the security properties:

com.gs.security.security-audit.class = com.gigaspaces.security.audit.LoggerSecurityAudit

Server-side security auditing uses the configuration given entirely by the LogManager properties. These properties are part of the logging configuration config/log/xap_logging.properties.

Logging configuration properties - defaults:

# Enable/Disable security auditing
com.gigaspaces.security.audit.enabled = false

# Audit level of interest
com.gigaspaces.security.audit.level = OFF

# Declarable extension for property configuration
com.gigaspaces.security.audit.handler = com.gigaspaces.security.audit.AuditHandler

# Properties configuring the audit-handler:
com.gigaspaces.security.audit.AuditHandler.formatter = com.gigaspaces.logger.GSSimpleFormatter
com.gigaspaces.security.audit.AuditHandler.filename-pattern = {gs.logs}/logs/gigaspaces-security-audit-{service}-{host}-{pid}.log

Audit Levels

.OFF     - Nothing is audited
.SEVERE  - Authentication failure or invalid session
.WARNING - Access denied due to insufficient privileges
.INFO    - Authentication successful
.FINE    - Access granted