org.adroitlogic.x.feature.audit.impl

Class AuditFeatureImpl

java.lang.Object

org.adroitlogic.x.api.AbstractIntegrationFeature

org.adroitlogic.x.feature.audit.impl.AuditFeatureImpl

All Implemented Interfaces:

org.adroitlogic.x.api.dec.Initializable, AuditFeature

@IntegrationFeature(clazz=AuditFeature.class,
                    name="audit")
public class AuditFeatureImpl
extends org.adroitlogic.x.api.AbstractIntegrationFeature
implements AuditFeature

This is the implementation of AuditFeature

Since:

17.01

Author:

Rajind Ruparathna

Nested Class Summary

Nested classes/interfaces inherited from interface org.adroitlogic.x.feature.audit.api.AuditFeature

AuditFeature.AuditData, AuditFeature.AuditFields, AuditFeature.AuditSeverity

Constructor Summary

Constructors

Constructor and Description
AuditFeatureImpl()

Method Summary

Modifier and Type	Method and Description
int	auditLogToDatabase(AuditFeature.AuditSeverity auditSeverity, Set<String> requestedAuditData, org.adroitlogic.x.api.XMessageContext xMessageContext, String auditSubject, String auditMessage, DataSource dataSource, String tableName) Inserts audit logs to the given database table.
int	auditLogToDatabase(DatabaseAuditTemplate databaseAuditTemplate, org.adroitlogic.x.api.XMessageContext xMessageContext, DataSource dataSource, String tableName) Inserts audit logs to the given database table with a schema represented by databaseAuditTemplate.
CompletableFuture<Integer>	auditLogToDatabaseAsync(AuditFeature.AuditSeverity auditSeverity, Set<String> requestedAuditData, org.adroitlogic.x.api.XMessageContext xMessageContext, String auditSubject, String auditMessage, DataSource dataSource, String tableName) Async operation for inserting audit logs to the given database table.
CompletableFuture<Integer>	auditLogToDatabaseAsync(DatabaseAuditTemplate databaseAuditTemplate, org.adroitlogic.x.api.XMessageContext xMessageContext, DataSource dataSource, String tableName) Async operation for inserting audit logs to the given database table with a schema represented by databaseAuditTemplate.
void	auditLogToFile(AuditFeature.AuditSeverity auditSeverity, Set<String> requestedAuditData, org.adroitlogic.x.api.XMessageContext xMessageContext, String auditSubject, String auditMessage) Prints audit log to file with the following fixed structure.
void	auditLogToFile(FileAuditTemplate fileAuditTemplate, org.adroitlogic.x.api.XMessageContext xMessageContext) Prints audit log to file according to the custom structure represented by fileAuditTemplate.
DatabaseAuditTemplate	createDatabaseAuditTemplate(AuditFeature.AuditSeverity auditSeverity, String requestedAuditFields, String auditSubject, String auditMessage) Creates a DatabaseAuditTemplate using the given parameters.
FileAuditTemplate	createFileAuditTemplate(AuditFeature.AuditSeverity auditSeverity, String requestedAuditFields, String auditSubject, String auditMessage) Creates a FileAuditTemplate using the given parameters.
void	destroy()
void	init(org.springframework.context.ApplicationContext context)

Methods inherited from class org.adroitlogic.x.api.AbstractIntegrationFeature

setProjectConfig, setProperties

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuditFeatureImpl

public AuditFeatureImpl()

Method Detail

init

public void init(org.springframework.context.ApplicationContext context)

Specified by:

init in interface org.adroitlogic.x.api.dec.Initializable

Overrides:

init in class org.adroitlogic.x.api.AbstractIntegrationFeature

auditLogToFile

public void auditLogToFile(AuditFeature.AuditSeverity auditSeverity,
                           Set<String> requestedAuditData,
                           org.adroitlogic.x.api.XMessageContext xMessageContext,
                           String auditSubject,
                           String auditMessage)

Description copied from interface: AuditFeature

Prints audit log to file with the following fixed structure.

SEVERITY, SUBJECT, MESSAGE, HEADERS, PROPERTIES, PAYLOAD, PRODUCT_NAME, NODE_NAME

User has some flexibility to enable or disable HEADERS, PROPERTIES and PAYLOAD in the audit log using requestedAuditData parameter. To have complete flexibility use auditLogToFile method.

Note that underling implementation uses log4j2 and hence required following configurations to be defined in log4j2.xml file.

In the Appenders section, following AUDIT_APPENDER configuration and ASYNC_AUDIT_APPENDER configuration should be added.

 <!-- AUDIT_APPENDER configuration for FileBasedAuditor -->
 <RollingRandomAccessFile name="AUDIT_APPENDER" fileName="logs/audit-x.log" filePattern="logs/$${date:yyyy-MM}/audit-x-%d{MM-dd-yyyy}-%i.log.gz">
      <PatternLayout>
          <Pattern>%d{ISO8601} [%X{ip}-%X{host}] [%t] [%X{xc}] %5p %c{1} %m%n</Pattern>
      </PatternLayout>
      <Policies>
          <SizeBasedTriggeringPolicy size="1 MB"/>
      </Policies>
      <DefaultRolloverStrategy max="10"/>
 </RollingRandomAccessFile>
 

In the Loggers section, following AUDIT_LOGGER configuration should be added.

 <!-- Logger configuration for FileBasedAuditor -->
 <Logger name="AUDIT_LOGGER" level="ALL" additivity="false">
      <AppenderRef ref="AUDIT_APPENDER"/>
 </Logger>
 

Specified by:

auditLogToFile in interface AuditFeature

Parameters:

auditSeverity - enum value of AuditFeature.AuditSeverity which represents the severity of the audit log

requestedAuditData - requested audit data to be logged as a Set which could include "PAYLOAD", "HEADERS", "PROPERTIES", "VARIABLES"

xMessageContext - XMessageContext of the message being audit logged

auditSubject - authentication subject such as user or any other subject related to the message

auditMessage - the audit message which can be used to add more information to the audit log

auditLogToFile

public void auditLogToFile(FileAuditTemplate fileAuditTemplate,
                           org.adroitlogic.x.api.XMessageContext xMessageContext)

Description copied from interface: AuditFeature

Prints audit log to file according to the custom structure represented by fileAuditTemplate.

Note that underling implementation uses log4j2 and hence required following configurations to be defined in log4j2.xml file.

In the Appenders section, following AUDIT_APPENDER configuration and ASYNC_AUDIT_APPENDER configuration should be added.

 <!-- AUDIT_APPENDER configuration for FileBasedAuditor -->
 <RollingRandomAccessFile name="AUDIT_APPENDER" fileName="logs/audit-x.log" filePattern="logs/$${date:yyyy-MM}/audit-x-%d{MM-dd-yyyy}-%i.log.gz">
      <PatternLayout>
          <Pattern>%d{ISO8601} [%X{ip}-%X{host}] [%t] [%X{xc}] %5p %c{1} %m%n</Pattern>
      </PatternLayout>
      <Policies>
          <SizeBasedTriggeringPolicy size="1 MB"/>
      </Policies>
      <DefaultRolloverStrategy max="10"/>
 </RollingRandomAccessFile>
 

In the Loggers section, following AUDIT_LOGGER configuration should be added.

 <!-- Logger configuration for FileBasedAuditor -->
 <Logger name="AUDIT_LOGGER" level="ALL" additivity="false">
      <AppenderRef ref="AUDIT_APPENDER"/>
 </Logger>
 

Specified by:

auditLogToFile in interface AuditFeature

Parameters:

fileAuditTemplate - FileAuditTemplate representing the audit log template

xMessageContext - XMessageContext of the message being audit logged

auditLogToDatabaseAsync

public CompletableFuture<Integer> auditLogToDatabaseAsync(AuditFeature.AuditSeverity auditSeverity,
                                                          Set<String> requestedAuditData,
                                                          org.adroitlogic.x.api.XMessageContext xMessageContext,
                                                          String auditSubject,
                                                          String auditMessage,
                                                          DataSource dataSource,
                                                          String tableName)

Description copied from interface: AuditFeature

Async operation for inserting audit logs to the given database table. See auditLogToDatabase method for more info.

Specified by:

auditLogToDatabaseAsync in interface AuditFeature

Parameters:

auditSeverity - enum value of AuditFeature.AuditSeverity which represents the severity of the audit log

requestedAuditData - requested audit data to be logged as a Set which could include "PAYLOAD", "HEADERS", "PROPERTIES", "VARIABLES"

xMessageContext - XMessageContext of the message being audit logged

auditSubject - authentication subject such as user or any other subject related to the message

auditMessage - the audit message which can be used to add more information to the audit log

dataSource - data source configured in the project.xpml

tableName - table name

Returns:

CompletableFuture

auditLogToDatabase

public int auditLogToDatabase(AuditFeature.AuditSeverity auditSeverity,
                              Set<String> requestedAuditData,
                              org.adroitlogic.x.api.XMessageContext xMessageContext,
                              String auditSubject,
                              String auditMessage,
                              DataSource dataSource,
                              String tableName)

Description copied from interface: AuditFeature

Inserts audit logs to the given database table. This method will use the following fixed schema given below. Note that the given sql are for Oracle. To have complete flexibility of the schema use auditLogToDatabase method.

 -- Table structure for table 'AUDIT_LOG' --
 CREATE TABLE USERNAME.AUDIT_LOG
 (
  ID              NUMBER(10)      NOT NULL,
  SEVERITY        VARCHAR2(255)   DEFAULT NULL,
  SUBJECT         VARCHAR2(255)   DEFAULT NULL,
  MESSAGE         VARCHAR2(4000)  DEFAULT NULL,
  HEADERS         CLOB,
  PROPERTIES      CLOB,
  PAYLOAD         CLOB,
  OCCURRENCE      TIMESTAMP(3)    DEFAULT NULL,
  PROJECT_NAME    VARCHAR2(255)   DEFAULT NULL,
  NODE_NAME       VARCHAR2(255)   DEFAULT NULL
 );

 -- 'AUDIT_LOG' primary key constraint
 ALTER TABLE USERNAME.AUDIT_LOG
 ADD CONSTRAINT AUDIT_LOG_PK PRIMARY KEY (ID);

 -- 'AUDIT_LOG' sequence for the primary key generation
 CREATE SEQUENCE USERNAME.AUDIT_LOG_SEQ START WITH 1 INCREMENT BY 1;

 -- 'AUDIT_LOG' trigger for primary key generation
 CREATE OR REPLACE TRIGGER USERNAME.AUDIT_LOG_SEQ_TR
 BEFORE INSERT ON USERNAME.AUDIT_LOG FOR EACH ROW
 WHEN (NEW.ID IS NULL)
      BEGIN
          SELECT USERNAME.AUDIT_LOG_SEQ.NEXTVAL
          INTO :NEW.ID
          FROM DUAL;
      END;
 /
 

Along with this a Datasource needs to be configured as a resource in the project.xpml. An example is shown below.

 <x:resource id="dataSource">
      <bean class="org.adroitlogic.ultracp.UltraDataSource" init-method="initialize"
          destroy-method="destroy">
          <property name="driverClass" value="oracle.jdbc.OracleDriver"/>
          <property name="url" value="jdbc:oracle:thin:@//192.168.56.201:1521/ORA01"/>
          <property name="connectionProperties">
              <props>
                  <prop key="user">APS_EMW</prop>
                  <prop key="password">password</prop>
              </props>
          </property>
          <property name="initialSize" value="5"/>
          <property name="minSize" value="2"/>
          <property name="maxTotal" value="40"/>
          <property name="validationQuery" value="SELECT 1 FROM DUAL"/>
          <property name="poolName" value="pandora-mysql-pool"/>
          <property name="connectionIdleMillis" value="60000"/>
          <property name="connectionWaitMillis" value="6000"/>
          <property name="refreshIntervalMillis" value="20000"/>
      </bean>
 </x:resource>
 

Specified by:

auditLogToDatabase in interface AuditFeature

Parameters:

auditSeverity - enum value of AuditFeature.AuditSeverity which represents the severity of the audit log

requestedAuditData - requested audit data to be logged as a Set which could include "PAYLOAD", "HEADERS", "PROPERTIES", "VARIABLES"

xMessageContext - XMessageContext of the message being audit logged

auditSubject - authentication subject such as user or any other subject related to the message

auditMessage - the audit message which can be used to add more information to the audit log

dataSource - data source configured in the project.xpml

tableName - table name

Returns:

Integer value 1 to indicate success and 0 to indicate failure

auditLogToDatabaseAsync

public CompletableFuture<Integer> auditLogToDatabaseAsync(DatabaseAuditTemplate databaseAuditTemplate,
                                                          org.adroitlogic.x.api.XMessageContext xMessageContext,
                                                          DataSource dataSource,
                                                          String tableName)

Description copied from interface: AuditFeature

Async operation for inserting audit logs to the given database table with a schema represented by databaseAuditTemplate. See auditLogToDatabase method for more info.

Specified by:

auditLogToDatabaseAsync in interface AuditFeature

Parameters:

databaseAuditTemplate - DatabaseAuditTemplate representing the audit table schema

xMessageContext - XMessageContext of the message being audit logged

dataSource - data source configured in the project.xpml

tableName - table name

Returns:

CompletableFuture

auditLogToDatabase

public int auditLogToDatabase(DatabaseAuditTemplate databaseAuditTemplate,
                              org.adroitlogic.x.api.XMessageContext xMessageContext,
                              DataSource dataSource,
                              String tableName)

Description copied from interface: AuditFeature

Inserts audit logs to the given database table with a schema represented by databaseAuditTemplate. See DatabaseAuditTemplate for more info related to how the schema should be.

A Datasource needs to be configured as a resource in the project.xpml. An example is shown below.

 <x:resource id="dataSource">
      <bean class="org.adroitlogic.ultracp.UltraDataSource" init-method="initialize"
          destroy-method="destroy">
          <property name="driverClass" value="oracle.jdbc.OracleDriver"/>
          <property name="url" value="jdbc:oracle:thin:@//192.168.56.201:1521/ORA01"/>
          <property name="connectionProperties">
              <props>
                  <prop key="user">APS_EMW</prop>
                  <prop key="password">password</prop>
              </props>
          </property>
          <property name="initialSize" value="5"/>
          <property name="minSize" value="2"/>
          <property name="maxTotal" value="40"/>
          <property name="validationQuery" value="SELECT 1 FROM DUAL"/>
          <property name="poolName" value="pandora-mysql-pool"/>
          <property name="connectionIdleMillis" value="60000"/>
          <property name="connectionWaitMillis" value="6000"/>
          <property name="refreshIntervalMillis" value="20000"/>
      </bean>
 </x:resource>
 

Specified by:

auditLogToDatabase in interface AuditFeature

Parameters:

databaseAuditTemplate - DatabaseAuditTemplate representing the audit table schema

xMessageContext - XMessageContext of the message being audit logged

dataSource - data source configured in the project.xpml

tableName - table name

Returns:

Integer value 1 to indicate success and 0 to indicate failure

createDatabaseAuditTemplate

public DatabaseAuditTemplate createDatabaseAuditTemplate(AuditFeature.AuditSeverity auditSeverity,
                                                         String requestedAuditFields,
                                                         String auditSubject,
                                                         String auditMessage)

Description copied from interface: AuditFeature

Creates a DatabaseAuditTemplate using the given parameters.

requestedAuditFields determines database table structure for the audit entry. Possible values for the requestedAuditFields parameter include string values defined in AuditFeature.AuditFields and also strings in the form @{message.properties.property_name}, @{message.headers.header_name} and @{message.variable.variable_name} The columns in the database should in the order as they are in the requestedAuditFields string.

Meaning of the audit fields and the data types which should be used are as follows.

Element Name	Description	DB Data Type Oracle	DB Data Type MySQL	DB Data Type MSSQL
SEVERITY	Audit severity	VARCHAR2(255)	VARCHAR(255)	VARCHAR(255)
SUBJECT	Custom subject for audit log	VARCHAR2(255)	VARCHAR(255)	VARCHAR(255)
MESSAGE	Audit message	VARCHAR2(4000)	VARCHAR(4000)	VARCHAR(4000)
HEADERS	All the headers	CLOB	LONGTEXT	VARCHAR(MAX)
PROPERTIES	All the properties	CLOB	LONGTEXT	VARCHAR(MAX)
PAYLOAD	Message payload	CLOB	LONGTEXT	VARCHAR(MAX)
OCCURRENCE	Timestamp for audit log	TIMESTAMP(3)	TIMESTAMP	DATETIME
PROJECT_NAME	Project Name	VARCHAR2(255)	VARCHAR(255)	VARCHAR(255)
NODE_NAME	Node Name	VARCHAR2(255)	VARCHAR(255)	VARCHAR(255)
MESSAGE_ID	Message ID	VARCHAR2(255)	VARCHAR(255)	VARCHAR(255)
MESSAGE_CONTEXT_ID	Message context ID	VARCHAR2(255)	VARCHAR(255)	VARCHAR(255)
@{message.headers.header_name}	Value of the header given by header_name	VARCHAR2(255)	VARCHAR(255)	VARCHAR(255)
@{message.properties.property_name}	Value of the property given by property_name	VARCHAR2(255)	VARCHAR(255)	VARCHAR(255)
@{variable.variable_name}	Value of the variable given by variable_name	VARCHAR2(255)	VARCHAR(255)	VARCHAR(255)
@{messagecontext.properties.context_property_name}	Value of the message context property given by context_property_name	VARCHAR2(255)	VARCHAR(255)	VARCHAR(255)

For example say the requestedAuditFields is set to SEVERITY, SUBJECT, MESSAGE, @{message.headers.MY_HEADER}, @{message.properties.MY_PROPERTY}, @{variable.MY_VARIABLE}, PAYLOAD, PROJECT_NAME, NODE_NAME, OCCURRENCE. Then the schema should be as follows. Note that the given sql are for Oracle. Also note that for MY_HEADER, MY_PROPERTY and MY_VARIABLE each respective value name is used as column name.

 -- Table structure for table 'AUDIT_LOG' --
 CREATE TABLE USERNAME.AUDIT_LOG
 (
  ID              NUMBER(10)      NOT NULL,
  SEVERITY        VARCHAR2(255)   DEFAULT NULL,
  SUBJECT         VARCHAR2(255)   DEFAULT NULL,
  MESSAGE         VARCHAR2(4000)  DEFAULT NULL,
  MY_HEADER       CLOB,
  MY_PROPERTY     CLOB,
  MY_VARIABLE     CLOB,
  PAYLOAD         CLOB,
  OCCURRENCE      TIMESTAMP(3)    DEFAULT NULL,
  PROJECT_NAME    VARCHAR2(255)   DEFAULT NULL,
  NODE_NAME       VARCHAR2(255)   DEFAULT NULL
 );

 -- 'AUDIT_LOG' primary key constraint
 ALTER TABLE USERNAME.AUDIT_LOG
 ADD CONSTRAINT AUDIT_LOG_PK PRIMARY KEY (ID);

 -- 'AUDIT_LOG' sequence for the primary key generation
 CREATE SEQUENCE USERNAME.AUDIT_LOG_SEQ START WITH 1 INCREMENT BY 1;

 -- 'AUDIT_LOG' trigger for primary key generation
 CREATE OR REPLACE TRIGGER USERNAME.AUDIT_LOG_SEQ_TR
 BEFORE INSERT ON USERNAME.AUDIT_LOG FOR EACH ROW
 WHEN (NEW.ID IS NULL)
      BEGIN
          SELECT USERNAME.AUDIT_LOG_SEQ.NEXTVAL
          INTO :NEW.ID
          FROM DUAL;
      END;
 /
 

There is also an additional option where custom column names can be used. In that case column name should be given after the field name separated by a colon (:). An example is as follows.

SEVERITY, SUBJECT, MESSAGE, @{message.headers.MY_HEADER}:audit_header, @{message.properties.MY_PROPERTY}:audit_property, @{variable.MY_VARIABLE}:audit_variable, PAYLOAD, PROJECT_NAME, NODE_NAME, OCCURRENCE:timestamp

Specified by:

createDatabaseAuditTemplate in interface AuditFeature

Parameters:

auditSeverity - enum value of AuditFeature.AuditSeverity which represents the severity of the audit log

requestedAuditFields - comma separated list of fields for audit log entry.

auditSubject - authentication subject such as user or any other subject related to the message

auditMessage - the audit message which can be used to add more information to the audit log

Returns:

created DatabaseAuditTemplate

createFileAuditTemplate

public FileAuditTemplate createFileAuditTemplate(AuditFeature.AuditSeverity auditSeverity,
                                                 String requestedAuditFields,
                                                 String auditSubject,
                                                 String auditMessage)

Description copied from interface: AuditFeature

Creates a FileAuditTemplate using the given parameters.

requestedAuditFields determines audit log structure. Possible values for the requestedAuditFields parameter include string values defined in AuditFeature.AuditFields and also strings in the form @{message.properties.property_name}, @{message.headers.header_name} and @{message.variable.variable_name}

Meaning of the audit fields are as follows.

Element Name	Description
SEVERITY	Audit severity
SUBJECT	Custom subject for audit log
MESSAGE	Audit message
HEADERS	All the headers
PROPERTIES	All the properties
PAYLOAD	Message payload
OCCURRENCE	Timestamp for audit log
PROJECT_NAME	Project Name
NODE_NAME	Node Name
MESSAGE_ID	Message ID
MESSAGE_CONTEXT_ID	Message context ID
@{message.headers.header_name}	Value of the header given by header_name
@{message.properties.property_name}	Value of the property given by property_name
@{variable.variable_name}	Value of the variable given by variable_name
@{messagecontext.properties.message_context_property_name}	Value of the message context property given by message_context_property_name

There is also an additional option where custom field names can be used for the audit log. In that case column name should be given after the field name separated by a colon ':'. An example is as follows. SEVERITY, SUBJECT, MESSAGE, @{message.headers.MY_HEADER}:audit_header, @{message.properties.MY_PROPERTY}:audit_property, @{variable.MY_VARIABLE}:audit_variable, PAYLOAD, PROJECT_NAME, NODE_NAME, OCCURRENCE:timestamp

Specified by:

createFileAuditTemplate in interface AuditFeature

Parameters:

auditSeverity - enum value of AuditFeature.AuditSeverity which represents the severity of the audit log

requestedAuditFields - comma separated list of fields for audit log.

auditSubject - authentication subject such as user or any other subject related to the message

auditMessage - the audit message which can be used to add more information to the audit log

Returns:

created FileAuditTemplate

destroy

public void destroy()

Specified by:

destroy in interface org.adroitlogic.x.api.dec.Initializable

Overrides:

destroy in class org.adroitlogic.x.api.AbstractIntegrationFeature