com.gigaspaces.security.audit

Class LoggerSecurityAudit

java.lang.Object

com.gigaspaces.security.audit.LoggerSecurityAudit

All Implemented Interfaces:

SecurityAudit

public class LoggerSecurityAudit
extends Object
implements SecurityAudit

Server-side security auditing using the configuration given entirely by the LogManager properties.

Since:

7.0.1

Author:

Moran Avigdor

See Also:

package.html

Field Summary

Fields

Modifier and Type	Field and Description
static Logger	auditLogger Logger used for auditing

Constructor Summary

Constructors

Constructor and Description
LoggerSecurityAudit() Create a security audit using the configuration given entirely by the LogManager properties.

Method Summary

Modifier and Type	Method and Description
void	accessDenied(SecurityContext securityContext, SessionDetails sessionDetails, Privilege privilege, String className) Audit access denied events as WARNING
void	accessGranted(SecurityContext securityContext, SessionDetails sessionDetails, Privilege privilege, String className) Audit access granted events as FINE
void	authenticationFailed(SecurityContext securityContext, AuthenticationException authenticationException) Audit authentication failed events as SEVERE
void	authenticationInvalid(AuthenticationToken token) Audit invalid authentication session events as SEVERE
void	authenticationSuccessful(SecurityContext in, SecurityContext out) Audit authentication successful events as INFO

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

auditLogger

public static final Logger auditLogger

Logger used for auditing

Constructor Detail

LoggerSecurityAudit

public LoggerSecurityAudit()

Create a security audit using the configuration given entirely by the LogManager properties.

Method Detail

authenticationFailed

public void authenticationFailed(SecurityContext securityContext,
                                 AuthenticationException authenticationException)

Audit authentication failed events as SEVERE

Specified by:

authenticationFailed in interface SecurityAudit

Parameters:

securityContext - Security context used to authenticate.

authenticationException - reason for authentication failure.

authenticationSuccessful

public void authenticationSuccessful(SecurityContext in,
                                     SecurityContext out)

Audit authentication successful events as INFO

Specified by:

authenticationSuccessful in interface SecurityAudit

Parameters:

in - Security context used to authenticate

out - Security context returned upon successful authentication

authenticationInvalid

public void authenticationInvalid(AuthenticationToken token)

Audit invalid authentication session events as SEVERE

Specified by:

authenticationInvalid in interface SecurityAudit

Parameters:

token - Security context holding the authentication token.

accessDenied

public void accessDenied(SecurityContext securityContext,
                         SessionDetails sessionDetails,
                         Privilege privilege,
                         String className)

Audit access denied events as WARNING

Specified by:

accessDenied in interface SecurityAudit

Parameters:

securityContext - Security context holding the authentication token

sessionDetails - details of this session

privilege - required privilege

className - The class name on which to operate

accessGranted

public void accessGranted(SecurityContext securityContext,
                          SessionDetails sessionDetails,
                          Privilege privilege,
                          String className)

Audit access granted events as FINE

Specified by:

accessGranted in interface SecurityAudit

Parameters:

securityContext - Security context holding the authentication token

privilege - The privilege granted

className - The class name on which to operate