org.forgerock.audit.events

Class AccessAuditEventBuilder<T extends AccessAuditEventBuilder<T>>

java.lang.Object

org.forgerock.audit.events.AuditEventBuilder<T>

org.forgerock.audit.events.AccessAuditEventBuilder<T>

Type Parameters:

T - the type of the builder

public class AccessAuditEventBuilder<T extends AccessAuditEventBuilder<T>>
extends AuditEventBuilder<T>

Builder for audit access events.

This builder should not be used directly but be specialized for each product to allow to define new specific fields, e.g

 
 class OpenProductAccessAuditEventBuilder <T extends OpenProductAccessAuditEventBuilder<T>>
 extends AccessAuditEventBuilder <T> {

    protected OpenProductAccessAuditEventBuilder(DnsUtils dnsUtils) {
        super(dnsUtils);
    }

    public static  <T> OpenProductAccessAuditEventBuilder <?> productAccessEvent() {
       return new OpenProductAccessAuditEventBuilder(new DnsUtils());
    }

    public T someField(String v) {
      jsonValue.put("someField", v);
      return self();
    }

    ...
 }
 
 

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	AccessAuditEventBuilder.ResponseStatus The status of the access request.

Field Summary

Fields

Modifier and Type	Field and Description
static String	CLIENT The client event payload field name.
static String	COOKIES The cookies event payload field name.
static String	CREST_PROTOCOL The protocol field CREST value.
static String	DETAIL The detail event payload field name.
static String	ELAPSED_TIME The elapsed time event payload field name.
static String	ELAPSED_TIME_UNITS The elapsed time unit event payload field name.
static String	HEADERS The headers event payload field name.
static String	HTTP The http event payload field name.
static String	IP The IP event payload field name.
static String	METHOD The method event payload field name.
static String	OPERATION The operation event payload field name.
static String	PATH The path event payload field name.
static String	PORT The port event payload field name.
static String	PROTOCOL The protocol event payload field name.
static String	QUERY_PARAMETERS The query parameters event payload field name.
static String	REQUEST The request event payload field name.
static String	RESPONSE The response event payload field name.
static String	SECURE The secure event payload field name.
static String	SERVER The server event payload field name.
static String	STATUS The status event payload field name.
static String	STATUS_CODE The status code event payload field name.

Fields inherited from class org.forgerock.audit.events.AuditEventBuilder

EVENT_NAME, jsonValue, TIMESTAMP, TRACKING_IDS, TRANSACTION_ID, USER_ID

Constructor Summary

Constructors

Constructor and Description
AccessAuditEventBuilder()

Method Summary

Modifier and Type	Method and Description
static AccessAuditEventBuilder<?>	accessEvent() Starts to build an audit access event.
T	client(String ip) Sets the provided client ip for the event.
T	client(String ip, int port) Sets the provided client ip and port for the event.
T	clientFromContext(Context context) Sets client ip, port and host from ClientContext, if the provided Context contains a ClientContext.
T	forContext(Context context) Sets common fields from services contexts.
T	forHttpRequest(Context context, Request request) Sets common fields from CREST contexts and request.
T	httpFromContext(Context context) Sets HTTP method, path, queryString and headers from HttpContext, if the provided Context contains a HttpContext.
T	httpRequest(boolean secure, String method, String path, Map<String,List<String>> queryParameters, Map<String,List<String>> headers) Sets the provided HTTP request fields for the event.
T	httpRequest(boolean secure, String method, String path, Map<String,List<String>> queryParameters, Map<String,List<String>> headers, Map<String,String> cookies) Sets the provided HTTP request fields for the event.
T	httpResponse(Map<String,List<String>> headers) Sets the provided HTTP fields for the event.
protected boolean	isReverseDnsLookupEnabled() Whether the client.host should be looked up from client.ip.
T	request(String protocol, String operation) Sets the provided request details for the event.
T	request(String protocol, String operation, JsonValue detail) Sets the provided request details for the event.
T	requestFromCrestRequest(Request request) Sets request detail from Request.
T	response(AccessAuditEventBuilder.ResponseStatus status, String statusCode, long elapsedTime, TimeUnit elapsedTimeUnits) Sets the provided response for the event.
T	responseWithDetail(AccessAuditEventBuilder.ResponseStatus status, String statusCode, long elapsedTime, TimeUnit elapsedTimeUnits, JsonValue detail) Sets the provided response for the event, with an additional detail.
T	server(String ip, int port) Sets the provided server values for the event.
T	serverFromContext(Context context) Sets the server fields for the event, if the provided Context contains a ClientContext..
T	withReverseDnsLookup() Instructs the builder to lookup client.host from client.ip when populating client details.

Methods inherited from class org.forgerock.audit.events.AuditEventBuilder

eventName, requireField, self, setDefaults, timestamp, toEvent, trackingId, trackingIds, transactionId, transactionIdFromContext, userId, validate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

SERVER

public static final String SERVER

The server event payload field name.

See Also:

Constant Field Values

CLIENT

public static final String CLIENT

The client event payload field name.

See Also:

Constant Field Values

IP

public static final String IP

The IP event payload field name.

See Also:

Constant Field Values

PORT

public static final String PORT

The port event payload field name.

See Also:

Constant Field Values

REQUEST

public static final String REQUEST

The request event payload field name.

See Also:

Constant Field Values

PROTOCOL

public static final String PROTOCOL

The protocol event payload field name.

See Also:

Constant Field Values

OPERATION

public static final String OPERATION

The operation event payload field name.

See Also:

Constant Field Values

SECURE

public static final String SECURE

The secure event payload field name.

See Also:

Constant Field Values

METHOD

public static final String METHOD

The method event payload field name.

See Also:

Constant Field Values

DETAIL

public static final String DETAIL

The detail event payload field name.

See Also:

Constant Field Values

PATH

public static final String PATH

The path event payload field name.

See Also:

Constant Field Values

QUERY_PARAMETERS

public static final String QUERY_PARAMETERS

The query parameters event payload field name.

See Also:

Constant Field Values

HEADERS

public static final String HEADERS

The headers event payload field name.

See Also:

Constant Field Values

HTTP

public static final String HTTP

The http event payload field name.

See Also:

Constant Field Values

STATUS

public static final String STATUS

The status event payload field name.

See Also:

Constant Field Values

STATUS_CODE

public static final String STATUS_CODE

The status code event payload field name.

See Also:

Constant Field Values

ELAPSED_TIME

public static final String ELAPSED_TIME

The elapsed time event payload field name.

See Also:

Constant Field Values

ELAPSED_TIME_UNITS

public static final String ELAPSED_TIME_UNITS

The elapsed time unit event payload field name.

See Also:

Constant Field Values

RESPONSE

public static final String RESPONSE

The response event payload field name.

See Also:

Constant Field Values

COOKIES

public static final String COOKIES

The cookies event payload field name.

See Also:

Constant Field Values

CREST_PROTOCOL

public static final String CREST_PROTOCOL

The protocol field CREST value.

See Also:

Constant Field Values

Constructor Detail

AccessAuditEventBuilder

public AccessAuditEventBuilder()

Method Detail

accessEvent

public static AccessAuditEventBuilder<?> accessEvent()

Starts to build an audit access event.

Note: it is preferable to use a specialized builder that allow to add fields specific to a product.

Returns:

an audit access event builder

withReverseDnsLookup

public final T withReverseDnsLookup()

Instructs the builder to lookup client.host from client.ip when populating client details.

Returns:

this builder

isReverseDnsLookupEnabled

protected boolean isReverseDnsLookupEnabled()

Whether the client.host should be looked up from client.ip.

Returns:

True if so.

server

public final T server(String ip,
                      int port)

Sets the provided server values for the event.

Parameters:

ip - the ip of the server.

port - the port of the server.

Returns:

this builder

client

public final T client(String ip,
                      int port)

Sets the provided client ip and port for the event.

Parameters:

ip - the ip of the client.

port - the port of the client.

Returns:

this builder

client

public final T client(String ip)

Sets the provided client ip for the event.

Parameters:

ip - the ip of the client.

Returns:

this builder

request

public final T request(String protocol,
                       String operation)

Sets the provided request details for the event.

Parameters:

protocol - the type of request.

operation - the type of operation (e.g. CREATE, READ, UPDATE, DELETE, PATCH, ACTION, or QUERY).

Returns:

this builder

request

public final T request(String protocol,
                       String operation,
                       JsonValue detail)

Sets the provided request details for the event.

Parameters:

protocol - the type of request.

operation - the type of operation (e.g. CREATE, READ, UPDATE, DELETE, PATCH, ACTION, or QUERY).

detail - additional details relating to the request (e.g. the ACTION name or summary of the payload).

Returns:

this builder

httpRequest

public final T httpRequest(boolean secure,
                           String method,
                           String path,
                           Map<String,List<String>> queryParameters,
                           Map<String,List<String>> headers)

Sets the provided HTTP request fields for the event.

Parameters:

secure - Was the request secure ?

method - the HTTP method.

path - the path of HTTP request.

queryParameters - the query parameters of HTTP request.

headers - the list of headers of HTTP request. The headers are optional.

Returns:

this builder

httpRequest

public final T httpRequest(boolean secure,
                           String method,
                           String path,
                           Map<String,List<String>> queryParameters,
                           Map<String,List<String>> headers,
                           Map<String,String> cookies)

Sets the provided HTTP request fields for the event.

Parameters:

secure - Was the request secure ?

method - the HTTP method.

path - the path of HTTP request.

queryParameters - the query parameters of HTTP request.

headers - the list of headers of HTTP request. The headers are optional.

cookies - the list of cookies of HTTP request. The cookies are optional.

Returns:

this builder

httpResponse

public final T httpResponse(Map<String,List<String>> headers)

Sets the provided HTTP fields for the event.

Parameters:

headers - the list of headers of HTTP response. The headers are optional.

Returns:

this builder

response

public final T response(AccessAuditEventBuilder.ResponseStatus status,
                        String statusCode,
                        long elapsedTime,
                        TimeUnit elapsedTimeUnits)

Sets the provided response for the event.

Parameters:

status - the status of the operation.

statusCode - the status code of the operation.

elapsedTime - the execution time of the action.

elapsedTimeUnits - the unit of measure for the execution time value.

Returns:

this builder

responseWithDetail

public final T responseWithDetail(AccessAuditEventBuilder.ResponseStatus status,
                                  String statusCode,
                                  long elapsedTime,
                                  TimeUnit elapsedTimeUnits,
                                  JsonValue detail)

Sets the provided response for the event, with an additional detail.

Parameters:

status - the status of the operation.

statusCode - the status code of the operation.

elapsedTime - the execution time of the action.

elapsedTimeUnits - the unit of measure for the execution time value.

detail - additional details relating to the response (e.g. failure description or summary of the payload).

Returns:

this builder

clientFromContext

public final T clientFromContext(Context context)

Sets client ip, port and host from ClientContext, if the provided Context contains a ClientContext.

Parameters:

context - The root CHF context.

Returns:

this builder

serverFromContext

public final T serverFromContext(Context context)

Sets the server fields for the event, if the provided Context contains a ClientContext..

Parameters:

context - the CREST context

Returns:

this builder

httpFromContext

public final T httpFromContext(Context context)

Sets HTTP method, path, queryString and headers from HttpContext, if the provided Context contains a HttpContext.

Parameters:

context - The CREST context.

Returns:

this builder

requestFromCrestRequest

public final T requestFromCrestRequest(Request request)

Sets request detail from Request.

Parameters:

request - The CREST request.

Returns:

this builder

forContext

public final T forContext(Context context)

Sets common fields from services contexts.

Parameters:

context - The services context.

Returns:

this builder

See Also:

AuditEventBuilder.transactionIdFromContext(Context), clientFromContext(Context), serverFromContext(Context), httpFromContext(Context)

forHttpRequest

public final T forHttpRequest(Context context,
                              Request request)

Sets common fields from CREST contexts and request.

Parameters:

context - The CREST context.

request - The CREST request.

Returns:

this builder

See Also:

AuditEventBuilder.transactionIdFromContext(Context), clientFromContext(Context), serverFromContext(Context), httpFromContext(Context), requestFromCrestRequest(Request)