Package com.gigaspaces.security.audit

Service-side security auditing

See: Description

Interface Summary

Interface	Description
SecurityAudit	Security auditing interface

Class Summary

Class	Description
AuditDetails	The AuditDetails are client side auditing details sent to the server on each authentication request.
AuditHandler	A declarable extension to RollingFileHandler.
AuditLogRecord	The java logging facility formats a LogRecord before it is logged.
LoggerSecurityAudit	Server-side security auditing using the configuration given entirely by the LogManager properties.

Package com.gigaspaces.security.audit Description

Service-side security auditing

Configuring the security audit implementation class as part of the security properties:

com.gs.security.security-audit.class = com.gigaspaces.security.audit.LoggerSecurityAudit

Server-side security auditing uses the configuration given entirely by the LogManager properties. These properties are part of the logging configuration config/log/xap_logging.properties.

Logging configuration properties - defaults:

# Enable/Disable security auditing
com.gigaspaces.security.audit.enabled = false

# Audit level of interest
com.gigaspaces.security.audit.level = OFF

# Declarable extension for property configuration
com.gigaspaces.security.audit.handler = com.gigaspaces.security.audit.AuditHandler

# Properties configuring the audit-handler:
com.gigaspaces.security.audit.AuditHandler.formatter = com.gigaspaces.logger.GSSimpleFormatter
com.gigaspaces.security.audit.AuditHandler.filename-pattern = {homedir}/logs/gigaspaces-security-audit-{service}-{host}-{pid}.log

Audit Levels

.OFF     - Nothing is audited
.SEVERE  - Authentication failure or invalid session
.WARNING - Access denied due to insufficient privileges
.INFO    - Authentication successful
.FINE    - Access granted