com.waveset.object
Class AuditEvent

java.lang.Object
  extended byjava.util.Dictionary
      extended byjava.util.Hashtable
          extended bycom.waveset.object.AuditEvent
All Implemented Interfaces:
java.lang.Cloneable, java.util.Map, java.io.Serializable

public class AuditEvent
extends java.util.Hashtable

This class represents all of the records that are for logged for Audit Purposes. LogRecord extends HashTable. DB Table Name : waveset.Log Schema for this record is : id VARCHAR(50) NOT NULL // internal DB ID resourceName VARCHAR(128) accountName VARCHAR(50) objectType VARCHAR(50) objectName VARCHAR(128) action VARCHAR(50) actionDate CHAR(8) // YYYYMMDD actionTime CHAR(13) // HH:MM:SS.mmmm actionStatus VARCHAR(20) interface VARCHAR(20) server VARCHAR(128) subjectName VARCHAR(128) reason VARCHAR(128) msg VARCHAR(255) role VARCHAR(128) attrChanges BLOB // name=value list of attributes that were changed parm01label VARCHAR(50) parm01value VARCHAR(128) parm02label VARCHAR(50) parm02value VARCHAR(128) parm03label VARCHAR(50) parm03value VARCHAR(128) parm04label VARCHAR(50) parm04value VARCHAR(128) parm05label VARCHAR(50) parm05value VARCHAR(128)

See Also:
Serialized Form

Field Summary
static java.lang.String ACCOUNT_DISABLED
           
static java.lang.String ACCOUNT_LOCKED
           
static java.lang.String ACCOUNT_QUESTION_LOCKED
           
static java.lang.String code_id
           
static java.lang.String DATABASE_ACCESS_FAILED
           
static java.lang.String DUTY_CONFLICT
           
static java.lang.String ENTITLEMENT_SCAN
           
static java.lang.String INSUFFICIENT_PRIVILEGES
           
static java.lang.String INVALID_CREDENTIALS
           
static java.lang.String POLICY_VIOLATION
           
 
Constructor Summary
AuditEvent()
           
AuditEvent(PersistentObject po)
          Create an audit records for a persistent object, this will set the events object Type, object name, and memberobject groups.
AuditEvent(PersistentObject po, Right right)
           
AuditEvent(PersistentObject po, java.lang.String action)
          Same as AuditEvent(persistentObject po ) but also allows caller to specify the actionType during object construction.
AuditEvent(java.lang.String type, Right right)
           
AuditEvent(java.lang.String objectType, java.lang.String action)
           
AuditEvent(Type type, Right right)
           
AuditEvent(Type type, java.lang.String action)
           
 
Method Summary
 void addAuditableAttributes(AccountAttributeType[] acctAttrs, java.util.Map attrs)
          Go through and figure out which of the reource attributes are marked auditable and add them to the event, if its in the list of user attributes.
 void addAuditableAttributes(AccountAttributeType[] acctAttrs, WSAttributes userAttrs)
          Deprecated. as of 4.1 see setAuditableAttributes(Map map). Extended auditing attributes should be stored in the logattr table. Go through and figure out which of the reource attributes are marked auditable and add them to the event, if its in the list of user attributes.
 void addParameter(java.lang.String name, java.lang.String value)
          Adds a parameter to the parameter list.
 boolean belongsToObjectGroup()
          Method called by the ReportLogHandler to make sure all records belong to at least one object group before being written.
 java.lang.String getAccountAttributesBlob()
          Get the list of changed attributes.
 java.lang.String getAccountId()
           
 java.lang.String getAction()
           
 java.lang.Object getAttribute(Attribute key)
          Gets an attribute that is saved as part of a log record.
 java.lang.Object getAttribute(java.lang.String key)
          Gets an attribute that is saved as part of a log record.
 java.util.Map getAttributeMap()
          Deprecated. as of 4.1 see getAuditableAttributes(). Extended auditing attributes should be stored in the logattr table.
 java.lang.String getAttributeValue(java.lang.String name)
          Deprecated. as of 4.1 see getAuditableAttributes(). Get a value from the ACCOUNT_ATTRIBUTE_LIST. Used by LogRecord prior to 4.1.
 java.util.Map getAuditableAttributes()
          Get the attributes that should be put into the waveset.logattr table.
 java.lang.String getErrorString()
           
 java.lang.String getInterface()
           
 java.util.ArrayList getMemberObjectGroupRefs()
           
 java.lang.String getObjectName()
           
 java.lang.String getObjectType()
           
 java.util.Map getOverflowAttributes()
           
 java.util.HashMap getParameterList()
          Gets all of the parameters for this record.
 java.lang.String getParameterValue(java.lang.String name)
          Gets a named parameter out of the parameter list.
 java.lang.String getReason()
           
static java.lang.String getReasonCode(java.lang.String reason)
           
static java.lang.String getReasonMsgKey(java.lang.String reason)
           
 java.lang.String getResourceName()
           
 java.lang.String getRoleName()
           
 java.lang.String getServer()
           
 java.lang.String getStatus()
           
 java.lang.String getSubjectName()
           
 long getTimeStamp()
          Gets the time at which this record was created.
 void setAccountAttributesBlob(java.util.List attrObjs)
          Take the list of attributes put them into name=value;; format.
 void setAccountAttributesBlob(java.util.Map attrs)
          Deprecated. as of 4.0SP2. Use #setAccountAttributesBlob(Map,Map) instead; this supports before/after image auditing.
 void setAccountAttributesBlob(java.util.Map attrs, java.util.Map oldAttrs)
          Take the list of attributes put them into name=value;; format.
 void setAccountAttributesBlob(java.util.Map attrs, java.util.Map oldAttrs, java.util.Set secretSet)
           
 void setAccountAttributesBlob(java.lang.String blob)
          Store a list of attributes should be in name=value format.
 void setAccountAttributesBlob(WSAttributes attrs, java.util.List secretList)
          Deprecated. as of 4.0SP2. Use #setAccountAttributesBlob(WSAttributes,WSAttributes,List) instead; this supports before/after image auditing.
 void setAccountAttributesBlob(WSAttributes attrs, WSAttributes oldAttrs, java.util.List secretList)
          Take the list of attributes put them into name=value;; format.
 void setAccountId(java.lang.String accountId)
          Sets the accountId associated with this this audit event.
 void setAction(java.lang.String action)
           
 void setAttribute(Attribute key, java.lang.Object value)
          Sets an attribute, saving it as part of an event record.
 void setAttribute(java.lang.String key, java.lang.Object value)
           
 void setAttributeMap(java.util.Map map)
          Deprecated. as of 4.1 see setAuditableAttributes(Map map). Extended auditing attributes should be stored in the logattr table.
 void setAuditableAttributes(java.util.Map map)
          Set the attributes that should be put in to the waveset.logattr table.
 void setErrorString(java.lang.String errorMessage)
          Set an error message for this event
 void setErrorString(WavesetResult result)
          Set an error message for this event, for convience it takes in a WavesetResult.
 void setInterface(java.lang.String interfaceName)
          Sets the Login Application name for this audit event.
 void setMemberObjectGroupRefs(java.util.List ogRefs)
           
 void setObjectName(PersistentObject po)
          This is the object instance name.
 void setObjectName(java.lang.String objectName)
          Sets the object name associated with this this audit event.
 void setObjectType(java.lang.String objectType)
          Sets the object type mask associated with this this audit event.
 void setObjectType(Type type)
           
 void setOverflowAttributes(java.util.Map obj)
           
 void setParameterList(java.util.HashMap attrs)
          Sets a records parameter list.
 void setPersistentObject(PersistentObject po)
          Set this events persistent object, this will set the events object Type, object name, and memberobject groups.
 void setReason(java.lang.String reason)
          Sets the Denied Reason for this audit event.
 void setResourceName(java.lang.String resource)
          Sets the name of the resource associated with this this audit event.
 void setRole(Role role)
          Sets the role name for this audit event.
 void setRoleName(java.lang.String roleName)
          Sets the role name for this audit event.
 void setServer(java.lang.String server)
          Sets the server name for this audit event.
 void setStatus(java.lang.String status)
           
 void setSubjectInfo(Subject subject)
          Extracts information from the subject object and sets it on the audit event.
 void setSubjectName(java.lang.String subjectName)
          Sets the subject name for this audit event.
 void setTimeStamp(long time)
          Sets the time at which this record was created.
 
Methods inherited from class java.util.Hashtable
clear, clone, contains, containsKey, containsValue, elements, entrySet, equals, get, hashCode, isEmpty, keys, keySet, put, putAll, rehash, remove, size, toString, values
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

code_id

public static final java.lang.String code_id
See Also:
Constant Field Values

POLICY_VIOLATION

public static final java.lang.String POLICY_VIOLATION
See Also:
Constant Field Values

INVALID_CREDENTIALS

public static final java.lang.String INVALID_CREDENTIALS
See Also:
Constant Field Values

INSUFFICIENT_PRIVILEGES

public static final java.lang.String INSUFFICIENT_PRIVILEGES
See Also:
Constant Field Values

DATABASE_ACCESS_FAILED

public static final java.lang.String DATABASE_ACCESS_FAILED
See Also:
Constant Field Values

ACCOUNT_DISABLED

public static final java.lang.String ACCOUNT_DISABLED
See Also:
Constant Field Values

ACCOUNT_LOCKED

public static final java.lang.String ACCOUNT_LOCKED
See Also:
Constant Field Values

ACCOUNT_QUESTION_LOCKED

public static final java.lang.String ACCOUNT_QUESTION_LOCKED
See Also:
Constant Field Values

DUTY_CONFLICT

public static final java.lang.String DUTY_CONFLICT
See Also:
Constant Field Values

ENTITLEMENT_SCAN

public static final java.lang.String ENTITLEMENT_SCAN
See Also:
Constant Field Values
Constructor Detail

AuditEvent

public AuditEvent()

AuditEvent

public AuditEvent(java.lang.String objectType,
                  java.lang.String action)

AuditEvent

public AuditEvent(Type type,
                  Right right)

AuditEvent

public AuditEvent(Type type,
                  java.lang.String action)

AuditEvent

public AuditEvent(java.lang.String type,
                  Right right)

AuditEvent

public AuditEvent(PersistentObject po)
Create an audit records for a persistent object, this will set the events object Type, object name, and memberobject groups. The status will be set to SUCCESS, but can be modified after the object is constructed using the setStatus method.


AuditEvent

public AuditEvent(PersistentObject po,
                  java.lang.String action)
Same as AuditEvent(persistentObject po ) but also allows caller to specify the actionType during object construction.


AuditEvent

public AuditEvent(PersistentObject po,
                  Right right)
Method Detail

getReasonCode

public static java.lang.String getReasonCode(java.lang.String reason)
Returns:
the two-letter code for the specified reason or null if not defined as a constant.

Note that this is NOT extensible (although LogKeyResolver could make it so).


getReasonMsgKey

public static java.lang.String getReasonMsgKey(java.lang.String reason)
Returns:
a literal string (or a bound message) for the specified reason code or message key (or null if the specified reason is not defined as a constant).

Note that this is NOT extensible (although LogKeyResolver could make it so).


setPersistentObject

public void setPersistentObject(PersistentObject po)
Set this events persistent object, this will set the events object Type, object name, and memberobject groups.


setRoleName

public void setRoleName(java.lang.String roleName)
Sets the role name for this audit event. This will add it to one of the extra slots in the audit event. Initally this was its own column in the database, but seeing that role will change here comming up I'm going to wait before promoting it.

Parameters:
roleName -

setRole

public void setRole(Role role)
Sets the role name for this audit event. This is a convenience method that calls getName on the specified role.

Parameters:
role -

getRoleName

public java.lang.String getRoleName()

setServer

public void setServer(java.lang.String server)
Sets the server name for this audit event.

Parameters:
server -

getServer

public java.lang.String getServer()

setReason

public void setReason(java.lang.String reason)
Sets the Denied Reason for this audit event.

Parameters:
reason -

getReason

public java.lang.String getReason()

setErrorString

public void setErrorString(java.lang.String errorMessage)
Set an error message for this event

Parameters:
errorMessage -

setErrorString

public void setErrorString(WavesetResult result)
Set an error message for this event, for convience it takes in a WavesetResult. It will extract all errors from the result and any stack trace information.

Parameters:
result -

getErrorString

public java.lang.String getErrorString()

setInterface

public void setInterface(java.lang.String interfaceName)
Sets the Login Application name for this audit event. This field is automatically set when setSubjectInfo is called.

Parameters:
interfaceName -

getInterface

public java.lang.String getInterface()

setSubjectInfo

public void setSubjectInfo(Subject subject)
Extracts information from the subject object and sets it on the audit event. This is the preferred way of setting the subject name, however it can also be set vai setSubjectName(). It sets the following attributes on the event, if present on the subject. 1. subject name 2. session id 3. client ip 4. login application subject used to authenticate

Parameters:
subject -

setSubjectName

public void setSubjectName(java.lang.String subjectName)
Sets the subject name for this audit event.

Parameters:
subjectName -

getSubjectName

public java.lang.String getSubjectName()

setAccountId

public void setAccountId(java.lang.String accountId)
Sets the accountId associated with this this audit event.

Parameters:
accountId -

getAccountId

public java.lang.String getAccountId()

setResourceName

public void setResourceName(java.lang.String resource)
Sets the name of the resource associated with this this audit event.

Parameters:
resource -

getResourceName

public java.lang.String getResourceName()

setObjectType

public void setObjectType(java.lang.String objectType)
Sets the object type mask associated with this this audit event.

Parameters:
objectType -

setObjectType

public void setObjectType(Type type)

getObjectType

public java.lang.String getObjectType()

getAction

public java.lang.String getAction()

setAction

public void setAction(java.lang.String action)

getStatus

public java.lang.String getStatus()

setStatus

public void setStatus(java.lang.String status)

setObjectName

public void setObjectName(java.lang.String objectName)
Sets the object name associated with this this audit event. This is just the instance name.

Parameters:
objectName -

setObjectName

public void setObjectName(PersistentObject po)
This is the object instance name. For convience take in a persistentObject and call getName(), if null call getId().

Parameters:
po -

getObjectName

public java.lang.String getObjectName()

addParameter

public void addParameter(java.lang.String name,
                         java.lang.String value)
Adds a parameter to the parameter list. There can be a maximum of 5 attributes.

Parameters:
name - parameter name
value - parameter value

setParameterList

public void setParameterList(java.util.HashMap attrs)
Sets a records parameter list. We want to make sure we don't smash any of the current values, so if there are values add the new attrs to the list.

Parameters:
attrs -

getParameterValue

public java.lang.String getParameterValue(java.lang.String name)
Gets a named parameter out of the parameter list.

Parameters:
name -

getParameterList

public java.util.HashMap getParameterList()
Gets all of the parameters for this record. sigh.. I would like to have this called getParameters, but the base class here already has a method named that which returns only a string.


setTimeStamp

public void setTimeStamp(long time)
Sets the time at which this record was created. This value is expected to be of the format returned by System.currentTimeMillis.

Parameters:
time -

getTimeStamp

public long getTimeStamp()
Gets the time at which this record was created. The value is returned as a long in miliseconds.


getAuditableAttributes

public java.util.Map getAuditableAttributes()
Get the attributes that should be put into the waveset.logattr table.


setAuditableAttributes

public void setAuditableAttributes(java.util.Map map)
Set the attributes that should be put in to the waveset.logattr table. These attributes will eventually be turned into WSAttributes in LogRecord before being put into the database. NOTE: These attributes replaced what used to be stored in acctAttr01label-acctAttr05label and acctAttr01value-acctAttr05value slots in the log table.


getOverflowAttributes

public java.util.Map getOverflowAttributes()

setOverflowAttributes

public void setOverflowAttributes(java.util.Map obj)

addAuditableAttributes

public void addAuditableAttributes(AccountAttributeType[] acctAttrs,
                                   java.util.Map attrs)
Go through and figure out which of the reource attributes are marked auditable and add them to the event, if its in the list of user attributes. NOTE: These attributes used to be stored in acctAttr01label-acctAttr05label and acctAttr01value-acctAttr05value slots in the log table.


addAuditableAttributes

public void addAuditableAttributes(AccountAttributeType[] acctAttrs,
                                   WSAttributes userAttrs)
Deprecated. as of 4.1 see setAuditableAttributes(Map map). Extended auditing attributes should be stored in the logattr table. Go through and figure out which of the reource attributes are marked auditable and add them to the event, if its in the list of user attributes.


setAttributeMap

public void setAttributeMap(java.util.Map map)
Deprecated. as of 4.1 see setAuditableAttributes(Map map). Extended auditing attributes should be stored in the logattr table.


getAttributeMap

public java.util.Map getAttributeMap()
Deprecated. as of 4.1 see getAuditableAttributes(). Extended auditing attributes should be stored in the logattr table.


getAttributeValue

public java.lang.String getAttributeValue(java.lang.String name)
Deprecated. as of 4.1 see getAuditableAttributes(). Get a value from the ACCOUNT_ATTRIBUTE_LIST. Used by LogRecord prior to 4.1.


setAccountAttributesBlob

public void setAccountAttributesBlob(WSAttributes attrs,
                                     WSAttributes oldAttrs,
                                     java.util.List secretList)
Take the list of attributes put them into name=value;; format. Which in turn will get stored in a blob. The delimeter ;; will be filtered.


setAccountAttributesBlob

public void setAccountAttributesBlob(java.util.Map attrs,
                                     java.util.Map oldAttrs,
                                     java.util.Set secretSet)

setAccountAttributesBlob

public void setAccountAttributesBlob(WSAttributes attrs,
                                     java.util.List secretList)
Deprecated. as of 4.0SP2. Use #setAccountAttributesBlob(WSAttributes,WSAttributes,List) instead; this supports before/after image auditing.

Take the list of attributes put them into name=value;; format. Which in turn will get stored in a blob. The delimeter ;; will be filtered.


setAccountAttributesBlob

public void setAccountAttributesBlob(java.lang.String blob)
Store a list of attributes should be in name=value format.


setAccountAttributesBlob

public void setAccountAttributesBlob(java.util.Map attrs,
                                     java.util.Map oldAttrs)
Take the list of attributes put them into name=value;; format. Which in turn will get stored in a blob. The delimeter ;; will be filtered.


setAccountAttributesBlob

public void setAccountAttributesBlob(java.util.Map attrs)
Deprecated. as of 4.0SP2. Use #setAccountAttributesBlob(Map,Map) instead; this supports before/after image auditing.

Take the list of attributes put them into name=value;; format. Which in turn will get stored in a blob. The delimeter ;; will be filtered.


setAccountAttributesBlob

public void setAccountAttributesBlob(java.util.List attrObjs)
Take the list of attributes put them into name=value;; format. Which in turn will get stored in a blob. The delimeter ;; will be filtered. Take a list of generic objects from the Provisioner and turn them into a string map. This list of attributes is put onto the provisioning options by WorkFlowServices and each objet will include a property name and property new, which represents a new value.


getAccountAttributesBlob

public java.lang.String getAccountAttributesBlob()
Get the list of changed attributes.


setMemberObjectGroupRefs

public void setMemberObjectGroupRefs(java.util.List ogRefs)

getMemberObjectGroupRefs

public java.util.ArrayList getMemberObjectGroupRefs()

belongsToObjectGroup

public boolean belongsToObjectGroup()
Method called by the ReportLogHandler to make sure all records belong to at least one object group before being written.


setAttribute

public void setAttribute(Attribute key,
                         java.lang.Object value)
Sets an attribute, saving it as part of an event record. If the name or the attribute are null, nothing is saved.

Parameters:
key -
value -

setAttribute

public void setAttribute(java.lang.String key,
                         java.lang.Object value)

getAttribute

public java.lang.Object getAttribute(Attribute key)
Gets an attribute that is saved as part of a log record.


getAttribute

public java.lang.Object getAttribute(java.lang.String key)
Gets an attribute that is saved as part of a log record.