OPENDJ-3335 Reuse request and response fields for publishing LDAP events

Fabio Pistolesi

28.03.2016 786c19842a8d2a392086deeefa5d985669158c8c

OPENDJ-3335 Reuse request and response fields for publishing LDAP events

LDAP events contain a dedicated field for all LDAP related events. Distribute those fields into CAUD request and response fields instead.

 opendj-server-legacy/src/main/java/org/opends/server/loggers/CommonAuditAccessLogPublisher.java

@@ -125,8 +125,8 @@
      return;
    }
    OpenDJAccessAuditEventBuilder<?> builder = getEventBuilder(abandonOperation, "ABANDON");
    addResultCodeAndMessage(abandonOperation, builder);
    appendAbandonRequest(abandonOperation, builder);
    appendResultCodeAndMessage(abandonOperation, builder);

    sendEvent(builder.toEvent());
  }
@@ -139,8 +139,8 @@
      return;
    }
    OpenDJAccessAuditEventBuilder<?> builder = getEventBuilder(addOperation, "ADD");
    addResultCodeAndMessage(addOperation, builder);
    appendAddRequest(addOperation, builder);
    appendResultCodeAndMessage(addOperation, builder);
    DN proxiedAuthorizationDN = addOperation.getProxiedAuthorizationDN();
    appendProxiedAuthorizationDNIfNeeded(builder, proxiedAuthorizationDN);

@@ -156,8 +156,8 @@
    }

    OpenDJAccessAuditEventBuilder<?> builder = getEventBuilder(bindOperation, "BIND");
    addResultCodeAndMessage(bindOperation, builder);
    appendBindRequest(bindOperation, builder);
    appendResultCodeAndMessage(bindOperation, builder);

    final LocalizableMessage failureMessage = bindOperation.getAuthFailureReason();
    if (failureMessage != null)
@@ -211,8 +211,8 @@
      return;
    }
    OpenDJAccessAuditEventBuilder<?> builder = getEventBuilder(compareOperation, "COMPARE");
    addResultCodeAndMessage(compareOperation, builder);
    appendCompareRequest(compareOperation, builder);
    appendResultCodeAndMessage(compareOperation, builder);
    DN proxiedAuthorizationDN = compareOperation.getProxiedAuthorizationDN();
    appendProxiedAuthorizationDNIfNeeded(builder, proxiedAuthorizationDN);

@@ -235,7 +235,6 @@
      return;
    }
    OpenDJAccessAuditEventBuilder<?> builder = openDJAccessEvent()
        .eventName("DJ-" + clientConnection.getProtocol() + "-" + "CONNECT")
        .client(clientConnection.getClientAddress(), clientConnection.getClientPort())
        .server(clientConnection.getServerAddress(), clientConnection.getServerPort())
        .request(clientConnection.getProtocol(), "CONNECT")
@@ -254,8 +253,8 @@
      return;
    }
    OpenDJAccessAuditEventBuilder<?> builder = getEventBuilder(deleteOperation, "DELETE");
    addResultCodeAndMessage(deleteOperation, builder);
    appendDeleteRequest(deleteOperation, builder);
    appendResultCodeAndMessage(deleteOperation, builder);
    DN proxiedAuthorizationDN = deleteOperation.getProxiedAuthorizationDN();
    appendProxiedAuthorizationDNIfNeeded(builder, proxiedAuthorizationDN);

@@ -271,7 +270,6 @@
      return;
    }
    OpenDJAccessAuditEventBuilder<?> builder = openDJAccessEvent()
        .eventName("DJ-" + clientConnection.getProtocol() + "-" + "DISCONNECT")
        .client(clientConnection.getClientAddress(), clientConnection.getClientPort())
        .server(clientConnection.getServerAddress(), clientConnection.getServerPort())
        .request(clientConnection.getProtocol(), "DISCONNECT")
@@ -292,8 +290,8 @@
      return;
    }
    OpenDJAccessAuditEventBuilder<?> builder = getEventBuilder(extendedOperation, "EXTENDED");
    addResultCodeAndMessage(extendedOperation, builder);
    appendExtendedRequest(extendedOperation, builder);
    appendResultCodeAndMessage(extendedOperation, builder);
    final String oid = extendedOperation.getResponseOID();
    if (oid != null)
    {
@@ -316,8 +314,8 @@
      return;
    }
    OpenDJAccessAuditEventBuilder<?> builder = getEventBuilder(modifyDNOperation, "MODIFYDN");
    addResultCodeAndMessage(modifyDNOperation, builder);
    appendModifyDNRequest(modifyDNOperation, builder);
    appendResultCodeAndMessage(modifyDNOperation, builder);
    DN proxiedAuthorizationDN = modifyDNOperation.getProxiedAuthorizationDN();
    appendProxiedAuthorizationDNIfNeeded(builder, proxiedAuthorizationDN);

@@ -332,8 +330,8 @@
      return;
    }
    OpenDJAccessAuditEventBuilder<?> builder = getEventBuilder(modifyOperation, "MODIFY");
    addResultCodeAndMessage(modifyOperation, builder);
    appendModifyRequest(modifyOperation, builder);
    appendResultCodeAndMessage(modifyOperation, builder);
    DN proxiedAuthorizationDN = modifyOperation.getProxiedAuthorizationDN();
    appendProxiedAuthorizationDNIfNeeded(builder, proxiedAuthorizationDN);

@@ -348,10 +346,8 @@
      return;
    }
    OpenDJAccessAuditEventBuilder<?> builder = getEventBuilder(searchOperation, "SEARCH");
    builder
        .ldapSearch(searchOperation)
        .ldapNEntries(searchOperation.getEntriesSent());
        appendResultCodeAndMessage(searchOperation, builder);
    addResultCodeAndMessage(searchOperation, builder);
    builder.ldapSearch(searchOperation).ldapNEntries(searchOperation.getEntriesSent());
    DN proxiedAuthorizationDN = searchOperation.getProxiedAuthorizationDN();
    appendProxiedAuthorizationDNIfNeeded(builder, proxiedAuthorizationDN);

@@ -435,7 +431,7 @@
    builder.ldapDn(modifyOperation.getRawEntryDN().toString());
  }

  private OpenDJAccessAuditEventBuilder<?> appendResultCodeAndMessage(
  private OpenDJAccessAuditEventBuilder<?> addResultCodeAndMessage(
      Operation operation, OpenDJAccessAuditEventBuilder<?> builder)
  {
    final LocalizableMessageBuilder message = operation.getErrorMessage();
@@ -461,7 +457,6 @@
    ClientConnection clientConn = operation.getClientConnection();

    OpenDJAccessAuditEventBuilder<?> builder = openDJAccessEvent()
      .eventName("DJ-" + clientConn.getProtocol() + "-" + opType)
      .client(clientConn.getClientAddress(), clientConn.getClientPort())
      .server(clientConn.getServerAddress(), clientConn.getServerPort())
      .request(clientConn.getProtocol(), opType)

 opendj-server-legacy/src/main/java/org/opends/server/loggers/OpenDJAccessEventBuilder.java

@@ -26,6 +26,7 @@
import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.i18n.LocalizableMessageBuilder;
import org.forgerock.json.JsonValue;
import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.util.Reject;
import org.opends.server.core.ModifyDNOperation;
import org.opends.server.core.SearchOperation;
@@ -44,8 +45,8 @@
class OpenDJAccessAuditEventBuilder<T extends OpenDJAccessAuditEventBuilder<T>> extends AccessAuditEventBuilder<T>
{

  private static final String LDAP_VALUE_KEY = "ldap";
  private JsonValue ldapValue;
  private JsonValue opRequest;
  private JsonValue opResponse;

  private OpenDJAccessAuditEventBuilder()
  {
@@ -55,7 +56,7 @@
  @SuppressWarnings("rawtypes")
  public static <T> OpenDJAccessAuditEventBuilder<?> openDJAccessEvent()
  {
    return new OpenDJAccessAuditEventBuilder();
    return ((OpenDJAccessAuditEventBuilder<?>) new OpenDJAccessAuditEventBuilder()).eventName("DJ-LDAP");
  }

  public T ldapAdditionalItems(Operation op)
@@ -63,76 +64,73 @@
    String items = getAdditionalItemsAsString(op);
    if (!items.isEmpty())
    {
      getLdapValue().put("items", items);
      getOpResponse().put("additionalItems", items);
    }
    return self();
  }

  public T ldapAttr(String attr)
  {
    getLdapValue().put("attr", attr);
    getOpRequest().put("attr", attr);
    return self();
  }

  public T ldapConnectionId(long id)
  {
    getLdapValue().put("connId", id);
    getOpRequest().put("connId", id);
    return self();
  }

  public T ldapControls(Operation operation)
  {
    JsonValue ldapValue = getLdapValue();
    List<Control> requestControls = operation.getRequestControls();
    if (!requestControls.isEmpty())
    {
      ldapValue.put("reqControls", getControlsAsString(requestControls));
      getOpRequest().put("controls", getControlsAsString(requestControls));
    }
    List<Control> responseControls = operation.getResponseControls();
    if (!responseControls.isEmpty())
    {
      ldapValue.put("respControls", getControlsAsString(responseControls));
      getOpResponse().put("controls", getControlsAsString(responseControls));
    }
    return self();
  }

  public T ldapDn(String dn)
  {
    getLdapValue().put("dn", dn);
    getOpRequest().put("dn", dn);
    return self();
  }

  public T ldapFailureMessage(String msg)
  {
    getLdapValue().put("failureReason", msg);
    getOpResponse().put("failureReason", msg);
    return self();
  }

  public T ldapIds(Operation op)
  {
    JsonValue ldapValue = getLdapValue();
    ldapValue.put("connId", op.getConnectionID());
    ldapValue.put("msgId", op.getMessageID());
    getOpRequest().put("connId", op.getConnectionID());
    getOpRequest().put("msgId", op.getMessageID());
    return self();
  }

  public T ldapIdToAbandon(int id)
  {
    getLdapValue().put("idToAbandon", id);
    getOpRequest().put("idToAbandon", id);
    return self();
  }

  public T ldapMaskedResultAndMessage(Operation operation)
  {
    JsonValue ldapValue = getLdapValue();
    if (operation.getMaskedResultCode() != null)
    {
      ldapValue.put("maskedResult", operation.getMaskedResultCode().intValue());
      getOpResponse().put("maskedResult", operation.getMaskedResultCode().intValue());
    }
    final LocalizableMessageBuilder maskedMsg = operation.getMaskedErrorMessage();
    if (maskedMsg != null && maskedMsg.length() > 0)
    {
      ldapValue.put("maskedMessage", maskedMsg.toString());
      getOpResponse().put("maskedMessage", maskedMsg.toString());
    }
    return self();
  }
@@ -141,66 +139,68 @@
  {
    if (msg != null)
    {
      getLdapValue().put("message", msg.toString());
      getOpRequest().put("message", msg.toString());
    }
    return self();
  }

  public T ldapName(String name)
  {
    getLdapValue().put("name", name);
    getOpRequest().put("name", name);
    return self();
  }

  public T ldapModifyDN(ModifyDNOperation modifyDNOperation)
  {
    JsonValue ldapValue = getLdapValue();
    ldapValue.put("newRDN", modifyDNOperation.getRawNewRDN().toString());
    ldapValue.put("newSup", modifyDNOperation.getRawNewSuperior().toString());
    ldapValue.put("deleteOldRDN", modifyDNOperation.deleteOldRDN());
    getOpRequest().put("newRDN", modifyDNOperation.getRawNewRDN().toString());
    final ByteString rawNewSuperior = modifyDNOperation.getRawNewSuperior();
    if (rawNewSuperior != null)
    {
      getOpRequest().put("newSup", rawNewSuperior.toString());
    }
    getOpRequest().put("deleteOldRDN", modifyDNOperation.deleteOldRDN());
    return self();
  }

  public T ldapNEntries(int nbEntries)
  {
    getLdapValue().put("nentries", nbEntries);
    getOpResponse().put("nentries", nbEntries);
    return self();
  }

  public T ldapOid(String oid)
  {
    getLdapValue().put("oid", oid);
    getOpRequest().put("oid", oid);
    return self();
  }

  public T ldapProtocolVersion(String version)
  {
    getLdapValue().put("version", version);
    getOpRequest().put("version", version);
    return self();
  }

  public T ldapReason(DisconnectReason reason)
  {
    getLdapValue().put("reason", reason.toString());
    getOpResponse().put("reason", reason.toString());
    return self();
  }

  public T ldapSearch(SearchOperation searchOperation)
  {
    JsonValue ldapValue = getLdapValue();
    // for search base, re-uses the "dn" field
    ldapValue.put("dn", searchOperation.getRawBaseDN().toString());
    ldapValue.put("scope", searchOperation.getScope().toString());
    ldapValue.put("filter", searchOperation.getRawFilter().toString());
    getOpRequest().put("dn", searchOperation.getRawBaseDN().toString());
    getOpRequest().put("scope", searchOperation.getScope().toString());
    getOpRequest().put("filter", searchOperation.getRawFilter().toString());

    final Set<String> attrs = searchOperation.getAttributes();
    if ((attrs == null) || attrs.isEmpty())
    {
      ldapValue.put("attrs", Arrays.asList("ALL"));
      getOpRequest().put("attrs", Arrays.asList("ALL"));
    }
    else
    {
      ldapValue.put("attrs", new ArrayList<>(attrs));
      getOpRequest().put("attrs", new ArrayList<>(attrs));
    }
    return self();
  }
@@ -209,14 +209,14 @@
  {
    if (operation.isSynchronizationOperation())
    {
      getLdapValue().put("opType", "sync");
      getOpRequest().put("opType", "sync");
    }
    return self();
  }

  public T ldapAuthType(String type)
  {
    getLdapValue().put("authType", type);
    getOpRequest().put("authType", type);
    return self();
  }

@@ -248,13 +248,21 @@
    return items.toString();
  }

  private JsonValue getLdapValue()
  private JsonValue getOpRequest()
  {
    if (ldapValue == null)
    if (opRequest == null)
    {
      jsonValue.put(LDAP_VALUE_KEY, object());
      ldapValue = jsonValue.get(LDAP_VALUE_KEY);
      opRequest = jsonValue.get("request");
    }
    return ldapValue;
    return opRequest;
  }

  private JsonValue getOpResponse()
  {
    if (opResponse == null)
    {
      opResponse = jsonValue.get("response");
    }
    return opResponse;
  }
}

 opendj-server-legacy/src/main/java/org/opends/server/protocols/http/CommonAuditHttpAccessAuditFilter.java

@@ -53,7 +53,6 @@

    private final RequestHandler auditServiceHandler;
    private final TimeService time;
    private final String productName;

    /**
     * Constructs a new HttpAccessAuditFilter.
@@ -63,7 +62,6 @@
     * @param time The {@link TimeService} to use.
     */
    public CommonAuditHttpAccessAuditFilter(String productName, RequestHandler auditServiceHandler, TimeService time) {
        this.productName = productName;
        this.auditServiceHandler = auditServiceHandler;
        this.time = time;
    }
@@ -74,9 +72,8 @@

        AccessAuditEventBuilder<?> accessAuditEventBuilder = accessEvent();

        String protocol = clientContext.isSecure() ? "HTTPS" : "HTTP";
        accessAuditEventBuilder
                .eventName(productName + "-" + protocol + "-ACCESS")
                .eventName("DJ-HTTP")
                .timestamp(time.now())
                .transactionIdFromContext(context)
                .serverFromContext(clientContext)

 opendj-server-legacy/src/main/resources/org/opends/server/loggers/audit-config.json

@@ -245,6 +245,84 @@
                "operation": {
                  "description": "org.forgerock.audit.events.access.request.operation",
                  "type": "string"
                },
                "connId": {
                  "id": "connId",
                  "type": "string"
                },
                "msgId": {
                  "id": "msgId",
                  "type": "string"
                },
                "dn": {
                  "id": "dn",
                  "type": "string"
                },
                "scope": {
                  "id": "scope",
                  "type": "string"
                },
                "filter": {
                  "id": "filter",
                  "type": "string"
                },
                "attrs": {
                  "id": "attrs",
                  "type": "array",
                  "items": {
                    "type": "string"
                  }
                },
                "authType": {
                  "id": "authType",
                  "type": "string"
                },
                "controls": {
                  "id": "controls",
                  "type": "array",
                  "items": {
                    "type": "string"
                  }
                },
                "attr" : {
                  "id" : "attr",
                  "type" : "string"
                },
                "idToAbandon" : {
                  "id" : "idToAbandon",
                  "type" : "integer"
                },
                "message" : {
                  "id" : "message",
                  "type" : "string"
                },
                "name" : {
                  "id" : "name",
                  "type" : "string"
                },
                "newRDN" : {
                  "id" : "newRDN",
                  "type" : "string"
                },
                "newSup" : {
                  "id" : "newSup",
                  "type" : "string"
                },
                "deleteOldRDN" : {
                  "id" : "deleteOldRDN",
                  "type" : "boolean"
                },
                "oid" : {
                  "id" : "oid",
                  "type" : "string"
                },
                "version" : {
                  "id" : "version",
                  "type" : "string"
                },
                "opType": {
                  "id": "opType",
                  "type": "string"
                }
              }
            },
@@ -270,133 +348,42 @@
                "elapsedTimeUnits": {
                  "description": "org.forgerock.audit.events.access.response.elapsedTimeUnits",
                  "type": "string"
                }
              }
            },
            "ldap": {
                  "id": "ldap",
                  "type": "object",
                  "properties": {
                    "connId": {
                      "id": "connId",
                      "type": "string"
                    },
                    "msgId": {
                      "id": "msgId",
                      "type": "string"
                    },
                    "dn": {
                      "id": "dn",
                      "type": "string"
                    },
                    "scope": {
                      "id": "scope",
                      "type": "string"
                    },
                    "filter": {
                      "id": "filter",
                      "type": "string"
                    },
                    "attrs": {
                      "id": "attrs",
                      "type": "array",
                      "items": {
                        "type": "string"
                      }
                    },
                    "nentries": {
                      "id": "nentries",
                      "type": "string"
                    },
                    "authType": {
                      "id": "authType",
                      "type": "string"
                    },
                    "reqControls": {
                      "id": "reqControls",
                      "type": "array",
                      "items": {
                        "type": "string"
                      }
                    },
                    "respControls": {
                      "id": "respControls",
                      "type": "array",
                      "items": {
                        "type": "string"
                      }
                    },
                    "additionalItems": {
                      "id": "additionalItems",
                      "type": "string"
                    },
                    "items" : {
                      "id" : "items",
                      "type" : "string"  
                    },
                    "attr" : {
                      "id" : "attr",
                      "type" : "string"
                    },
                    "failureReason" : {
                      "id" : "failureReason",
                      "type" : "string"
                    },
                    "idToAbandon" : {
                      "id" : "idToAbandon",
                      "type" : "integer"
                    },
                    "maskedResult" : {
                      "id" : "maskedResult",
                      "type" : "integer"
                    },
                    "maskedMessage" : {
                      "id" : "maskedMessage",
                      "type" : "string"
                    },
                     "message" : {
                      "id" : "message",
                      "type" : "string"
                    },
                     "name" : {
                      "id" : "name",
                      "type" : "string"
                    },
                     "newRDN" : {
                      "id" : "newRDN",
                      "type" : "string"
                    },
                     "newSup" : {
                      "id" : "newSup",
                      "type" : "string"
                    },
                     "deleteOldRDN" : {
                      "id" : "deleteOldRDN",
                      "type" : "boolean"
                    },
                     "oid" : {
                      "id" : "oid",
                      "type" : "string"
                    },
                     "version" : {
                      "id" : "version",
                      "type" : "string"
                    },
                     "reason" : {
                      "id" : "reason",
                      "type" : "string"
                    },
                    "opType": {
                      "id": "opType",
                      "type": "string"
                    }
                },
                "nentries": {
                  "id": "nentries",
                  "type": "string"
                },
                "controls": {
                  "id": "controls",
                  "type": "array",
                  "items": {
                    "type": "string"
                  }
                },
                "additionalItems" : {
                  "id" : "additionalItems",
                  "type" : "string"
                },
                "failureReason" : {
                  "id" : "failureReason",
                  "type" : "string"
                },
                "maskedResult" : {
                  "id" : "maskedResult",
                  "type" : "integer"
                },
                "maskedMessage" : {
                  "id" : "maskedMessage",
                  "type" : "string"
                },
                "reason" : {
                  "id" : "reason",
                  "type" : "string"
                }
              }
            }
          }
        }
      }
    }
  }
}
}