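CAS Primer, Part 20: CAS Audit Logging with Inspektr (Part 2)
Source: Internet  Editor: 程序博客网  Time: 2024/05/22 09:46
The previous part gave an overview of Inspektr. So how does the CAS application configure Inspektr auditing? The CAS configuration is shown below (it lives in cas/WEB-INF/spring-configuration/auditTrailContext.xml; see "CAS Primer, Part 2: Spring configuration files"):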
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd">
<description>
Configuration file for the Inspektr package which handles auditing for Java
applications.
If enabled this should be modified to log audit and statistics
information the same way
your local applications do. The default is currently to log to the console
which is good
for debugging/testing purposes.
</description>
<aop:aspectj-autoproxy />
<bean id="auditTrailManagementAspect" class="com.github.inspektr.audit.AuditTrailManagementAspect">
<!-- String applicationCode -->
<constructor-arg index="0" value="CAS" />
<!-- PrincipalResolver auditablePrincipalResolver -->
<constructor-arg index="1" ref="auditablePrincipalResolver" />
<!-- List<AuditTrailManager> auditTrailManagers -->
<constructor-arg index="2">
<list>
<ref bean="auditTrailManager" />
</list>
</constructor-arg>
<!-- Map<String,AuditActionResolver> auditActionResolverMap -->
<constructor-arg index="3">
<map>
<entry key="AUTHENTICATION_RESOLVER">
<ref local="authenticationActionResolver" />
</entry>
<entry key="CREATE_TICKET_GRANTING_TICKET_RESOLVER">
<ref local="ticketCreationActionResolver" />
</entry>
<entry key="DESTROY_TICKET_GRANTING_TICKET_RESOLVER">
<bean
class="com.github.inspektr.audit.spi.support.DefaultAuditActionResolver" />
</entry>
<entry key="GRANT_SERVICE_TICKET_RESOLVER">
<ref local="ticketCreationActionResolver" />
</entry>
<entry key="GRANT_PROXY_GRANTING_TICKET_RESOLVER">
<ref local="ticketCreationActionResolver" />
</entry>
<entry key="VALIDATE_SERVICE_TICKET_RESOLVER">
<ref local="ticketValidationActionResolver" />
</entry>
<entry key="DELETE_SERVICE_ACTION_RESOLVER">
<ref local="deleteServiceActionResolver" />
</entry>
<entry key="SAVE_SERVICE_ACTION_RESOLVER">
<ref local="saveServiceActionResolver" />
</entry>
</map>
</constructor-arg>
<!-- Map<String,AuditResourceResolver> auditResourceResolverMap -->
<constructor-arg index="4">
<map>
<entry key="AUTHENTICATION_RESOURCE_RESOLVER">
<bean
class="org.jasig.cas.audit.spi.CredentialsAsFirstParameterResourceResolver" />
</entry>
<entry key="CREATE_TICKET_GRANTING_TICKET_RESOURCE_RESOLVER">
<ref local="returnValueResourceResolver" />
</entry>
<entry key="DESTROY_TICKET_GRANTING_TICKET_RESOURCE_RESOLVER">
<ref local="ticketResourceResolver" />
</entry>
<entry key="GRANT_SERVICE_TICKET_RESOURCE_RESOLVER">
<bean class="org.jasig.cas.audit.spi.ServiceResourceResolver" />
</entry>
<entry key="GRANT_PROXY_GRANTING_TICKET_RESOURCE_RESOLVER">
<ref local="returnValueResourceResolver" />
</entry>
<entry key="VALIDATE_SERVICE_TICKET_RESOURCE_RESOLVER">
<ref local="ticketResourceResolver" />
</entry>
<entry key="DELETE_SERVICE_RESOURCE_RESOLVER">
<ref local="deleteServiceResourceResolver" />
</entry>
<entry key="SAVE_SERVICE_RESOURCE_RESOLVER">
<ref local="saveServiceResourceResolver" />
</entry>
</map>
</constructor-arg>
</bean>
<bean id="saveServiceResourceResolver"
class="com.github.inspektr.audit.spi.support.ParametersAsStringResourceResolver" />
<bean id="deleteServiceResourceResolver"
class="org.jasig.cas.audit.spi.ServiceManagementResourceResolver" />
<bean id="saveServiceActionResolver"
class="com.github.inspektr.audit.spi.support.DefaultAuditActionResolver">
<constructor-arg index="0" value="_SUCCEEDED" />
<constructor-arg index="1" value="_FAILED" />
</bean>
<bean id="deleteServiceActionResolver"
class="com.github.inspektr.audit.spi.support.ObjectCreationAuditActionResolver">
<constructor-arg index="0" value="_SUCCEEDED" />
<constructor-arg index="1" value="_FAILED" />
</bean>
<bean id="auditablePrincipalResolver"
class="org.jasig.cas.audit.spi.TicketOrCredentialPrincipalResolver">
<constructor-arg index="0" ref="ticketRegistry" />
</bean>
<bean id="authenticationActionResolver"
class="com.github.inspektr.audit.spi.support.DefaultAuditActionResolver">
<!-- String successSuffix -->
<constructor-arg index="0" value="_SUCCESS" />
<!-- String failureSuffix -->
<constructor-arg index="1" value="_FAILED" />
</bean>
<bean id="ticketCreationActionResolver"
class="com.github.inspektr.audit.spi.support.DefaultAuditActionResolver">
<!-- String successSuffix -->
<constructor-arg index="0" value="_CREATED" />
<!-- String failureSuffix -->
<constructor-arg index="1" value="_NOT_CREATED" />
</bean>
<bean id="ticketValidationActionResolver"
class="com.github.inspektr.audit.spi.support.DefaultAuditActionResolver">
<!-- String successSuffix -->
<constructor-arg index="0" value="D" />
<!-- String failureSuffix -->
<constructor-arg index="1" value="_FAILED" />
</bean>
<bean id="returnValueResourceResolver"
class="com.github.inspektr.audit.spi.support.ReturnValueAsStringResourceResolver" />
<bean id="ticketResourceResolver"
class="org.jasig.cas.audit.spi.TicketAsFirstParameterResourceResolver" />
</beans>
The auditTrailManager bean is defined in cas/WEB-INF/deployerConfigContext.xml:
<bean id="auditTrailManager" class="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager" />
The filter is configured in web.xml:
<filter>
<filter-name>CAS Client Info Logging Filter</filter-name>
<filter-class>com.github.inspektr.common.web.ClientInfoThreadLocalFilter</filter-class>
<!-- When CAS sits behind a load balancer, configure the following parameter to obtain the user's real IP -->
<init-param>
<param-name>alternativeIpAddressHeader</param-name>
<param-value>X-Forwarded-For</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Client Info Logging Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
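X-Forwarded-For is supplied by the sender unless the load balancer overwrites it, and each proxy appends to it, so the value can be a forged or comma-separated chain that also does not fit the VARCHAR(15) AUD_CLIENT_IP column used later on this page. The following added example (not part of the original article or of Inspektr) shows the trusted-proxy check a deployment should apply before the address reaches the audit trail; the proxy network and the function names are assumptions.

```python
import ipaddress

# Assumption: the load balancers that front CAS (constructed network).
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/24")]
AUD_CLIENT_IP_WIDTH = 15  # VARCHAR(15) in the page's COM_AUDIT_TRAIL table


def is_trusted(addr):
    """True when addr belongs to one of our own proxies (raises on bad input)."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in TRUSTED_PROXIES)


def audited_client_ip(remote_addr, xff_header):
    """Return the address that should be recorded as the client IP.

    The header is honoured only when the TCP peer is a trusted proxy. The
    chain is then walked right to left and the first hop that is not one of
    our proxies is taken, because everything to its left came from the client.
    """
    if not xff_header or not is_trusted(remote_addr):
        return remote_addr
    hops = [h.strip() for h in xff_header.split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            if not is_trusted(hop):
                return str(ipaddress.ip_address(hop))
        except ValueError:
            break  # malformed entry: stop trusting the header
    return remote_addr


def fits_audit_column(value):
    """Check that the value fits AUD_CLIENT_IP without truncation or error."""
    return len(value) <= AUD_CLIENT_IP_WIDTH


if __name__ == "__main__":
    chain = "1.1.1.1, 198.51.100.7, 10.0.0.8"  # constructed header value
    print(audited_client_ip("10.0.0.5", chain), fits_audit_column(chain))
```

The same rule can be enforced at the load balancer by having it replace, rather than append to, the incoming header.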
Audit points are defined in the source code, as shown below:
@Audit(action="SERVICE_TICKET",
actionResolverName="GRANT_SERVICE_TICKET_RESOLVER",
resourceResolverName="GRANT_SERVICE_TICKET_RESOURCE_RESOLVER")
public String grantServiceTicket(..)
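This snippet is taken from the CentralAuthenticationServiceImpl class; Inspektr uses the @Audit annotation to define audit points.
By default the CAS application writes audit information to the application log, as can be seen in cas/WEB-INF/classes/log4j.xml: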
<logger name="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager">
<level value="INFO" />
<appender-ref ref="cas" />
</logger>
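All messages at INFO level are written out. This completes the Inspektr configuration.
To write audit information to a database instead, use the following configuration, which replaces the auditTrailManager bean: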
<bean id="inspektrTransactionManager"
class="org.springframework.jdbc.datasource.DataSourceTransactionManager"
p:dataSource-ref="dataSource"/>
<bean id="inspektrTransactionTemplate"
class="org.springframework.transaction.support.TransactionTemplate"
p:transactionManager-ref="inspektrTransactionManager"
p:isolationLevelName="ISOLATION_READ_COMMITTED"
p:propagationBehaviorName="PROPAGATION_REQUIRED"/>
<bean id="auditTrailManager"
class="com.github.inspektr.audit.support.JdbcAuditTrailManager">
<constructor-arg index="0" ref="inspektrTransactionTemplate" />
<property name="dataSource" ref="dataSource" />
<property name="tableName" value="COM_AUDIT_TRAIL" /><!-- This table name is the default; it can be changed to another name -->
</bean>
The dataSource bean is one you define yourself. Also remove the Slf4jLoggingAuditTrailManager logger from log4j.xml.
The required database table structure:
CREATE TABLE COM_AUDIT_TRAIL
(
AUD_USER VARCHAR2(100) NOT NULL,
AUD_CLIENT_IP VARCHAR(15) NOT NULL,
AUD_SERVER_IP VARCHAR(15) NOT NULL,
AUD_RESOURCE VARCHAR2(100) NOT NULL,
AUD_ACTION VARCHAR2(100) NOT NULL,
APPLIC_CD VARCHAR2(5) NOT NULL,
AUD_DATE TIMESTAMP NOT NULL
);
ALTER TABLE COM_AUDIT_TRAIL
ADD CONSTRAINT COM_AUDIT_TRAIL_PK
PRIMARY KEY (
AUD_USER,
AUD_CLIENT_IP,
AUD_SERVER_IP,
AUD_RESOURCE,
AUD_ACTION,
APPLIC_CD,
AUD_DATE
) ENABLE;
CREATE INDEX COM_AUDIT_TRAIL_DATE_I
ON COM_AUDIT_TRAIL (AUD_DATE);
CREATE INDEX COM_AUDIT_TRAIL_CLIENT_DATE_I
ON COM_AUDIT_TRAIL (AUD_CLIENT_IP, AUD_DATE);
CREATE INDEX COM_AUDIT_TRAIL_USER_DATE_I
ON COM_AUDIT_TRAIL (AUD_USER, AUD_DATE);
CREATE INDEX COM_AUDIT_TRAIL_ACTION_DATE_I
ON COM_AUDIT_TRAIL (AUD_ACTION, AUD_DATE);
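The table name can be changed, but the column names cannot. This table is created in Oracle; adjust the column attributes as needed to create it in another database.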
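Once audit records land in COM_AUDIT_TRAIL, the table can be queried for detection. The following added example (not from the original article) loads constructed rows into an in-memory SQLite copy of the table and reports client IPs with a burst of failed logins, and whether a success followed. It assumes the authentication audit point uses the base action AUTHENTICATION, so the configured suffixes yield AUTHENTICATION_SUCCESS and AUTHENTICATION_FAILED.

```python
import sqlite3

# Column names follow the page's COM_AUDIT_TRAIL; types are adapted for SQLite.
DDL = """CREATE TABLE COM_AUDIT_TRAIL (
  AUD_USER TEXT NOT NULL, AUD_CLIENT_IP TEXT NOT NULL,
  AUD_SERVER_IP TEXT NOT NULL, AUD_RESOURCE TEXT NOT NULL,
  AUD_ACTION TEXT NOT NULL, APPLIC_CD TEXT NOT NULL, AUD_DATE TEXT NOT NULL)"""

# Failed logins per client IP in a window, plus successes after the last failure.
# Assumption: action names are AUTHENTICATION + the resolver suffixes.
QUERY = """
WITH fails AS (
  SELECT AUD_CLIENT_IP AS ip, COUNT(*) AS failures,
         COUNT(DISTINCT AUD_USER) AS users_tried, MAX(AUD_DATE) AS last_fail
  FROM COM_AUDIT_TRAIL
  WHERE AUD_ACTION = 'AUTHENTICATION_FAILED'
    AND AUD_DATE >= :start AND AUD_DATE < :end
  GROUP BY AUD_CLIENT_IP HAVING COUNT(*) >= :threshold)
SELECT f.ip, f.failures, f.users_tried,
       (SELECT COUNT(*) FROM COM_AUDIT_TRAIL s
         WHERE s.AUD_CLIENT_IP = f.ip AND s.AUD_ACTION = 'AUTHENTICATION_SUCCESS'
           AND s.AUD_DATE > f.last_fail AND s.AUD_DATE < :end) AS success_after
FROM fails f ORDER BY f.failures DESC"""


def sample_rows():
    """Constructed audit rows: one noisy client and one ordinary mistyped login."""
    day, srv = "2014-05-22 ", "10.0.0.5"
    noisy = [("alice", "01"), ("alice", "02"), ("bob", "03"), ("carol", "04"), ("alice", "05")]
    rows = [(u, "198.51.100.7", srv, "login", "AUTHENTICATION_FAILED", "CAS",
             day + "09:00:" + s) for u, s in noisy]
    rows.append(("alice", "198.51.100.7", srv, "login", "AUTHENTICATION_SUCCESS", "CAS", day + "09:00:09"))
    rows.append(("dave", "203.0.113.20", srv, "login", "AUTHENTICATION_FAILED", "CAS", day + "09:01:00"))
    rows.append(("dave", "203.0.113.20", srv, "login", "AUTHENTICATION_SUCCESS", "CAS", day + "09:01:05"))
    return rows


def suspicious_clients(rows, start, end, threshold=5):
    """Return (ip, failures, users_tried, success_after) for noisy client IPs."""
    db = sqlite3.connect(":memory:")
    db.execute(DDL)
    db.executemany("INSERT INTO COM_AUDIT_TRAIL VALUES (?,?,?,?,?,?,?)", rows)
    found = db.execute(QUERY, {"start": start, "end": end, "threshold": threshold}).fetchall()
    db.close()
    return found


if __name__ == "__main__":
    print(suspicious_clients(sample_rows(), "2014-05-22 09:00:00", "2014-05-22 09:10:00"))
```

On the Oracle table the same query is served by the COM_AUDIT_TRAIL_ACTION_DATE_I and COM_AUDIT_TRAIL_CLIENT_DATE_I indexes created above.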