From 331654f294bdcce95bcc1962d64f27b16f968f4e Mon Sep 17 00:00:00 2001
From: Matthew Swift <matthew.swift@forgerock.com>
Date: Fri, 14 Oct 2011 08:52:01 +0000
Subject: [PATCH] OPENDJ-308: Implement access log filtering and configurable message format
---
opendj-sdk/opends/src/server/org/opends/server/loggers/AbstractTextAccessLogPublisher.java | 86 +++++++++++++++++++++++++++++++-----------
1 files changed, 63 insertions(+), 23 deletions(-)
diff --git a/opendj-sdk/opends/src/server/org/opends/server/loggers/AbstractTextAccessLogPublisher.java b/opendj-sdk/opends/src/server/org/opends/server/loggers/AbstractTextAccessLogPublisher.java
index 07f528d..2bc2ec5 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/loggers/AbstractTextAccessLogPublisher.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/loggers/AbstractTextAccessLogPublisher.java
@@ -77,6 +77,8 @@
private final EnumSet<OperationType> logOperationRecords;
private final AddressMask[] clientAddressEqualTo;
private final AddressMask[] clientAddressNotEqualTo;
+ private final int[] clientPorts;
+ private final String[] clientProtocols;
private final PatternDN[] userDNEqualTo;
private final PatternDN[] userDNNotEqualTo;
private final PatternDN[] targetDNEqualTo;
@@ -160,13 +162,32 @@
}
}
- clientAddressEqualTo = cfg.getClientAddressEqualTo().toArray(
+ // The list of ports is likely to be small and a simple array lookup will
+ // be more efficient, avoiding auto-boxing conversions as well.
+ clientPorts = new int[cfg.getConnectionPortEqualTo().size()];
+ int i = 0;
+ for (Integer port : cfg.getConnectionPortEqualTo())
+ {
+ clientPorts[i++] = port;
+ }
+
+ clientProtocols = new String[cfg.getConnectionProtocolEqualTo().size()];
+ i = 0;
+ for (String protocol : cfg.getConnectionProtocolEqualTo())
+ {
+ clientProtocols[i++] = toLowerCase(protocol);
+ }
+
+ clientAddressEqualTo = cfg.getConnectionClientAddressEqualTo().toArray(
new AddressMask[0]);
- clientAddressNotEqualTo = cfg.getClientAddressNotEqualTo().toArray(
- new AddressMask[0]);
+ clientAddressNotEqualTo = cfg.getConnectionClientAddressNotEqualTo()
+ .toArray(new AddressMask[0]);
+
+
+
userDNEqualTo = new PatternDN[cfg.getUserDNEqualTo().size()];
- int i = 0;
+ i = 0;
for (final String s : cfg.getUserDNEqualTo())
{
userDNEqualTo[i++] = PatternDN.decode(s);
@@ -307,6 +328,44 @@
private boolean filterClientConnection(final ClientConnection connection)
{
+ // Check protocol.
+ if (clientProtocols.length > 0)
+ {
+ boolean found = false;
+ final String protocol = toLowerCase(connection.getProtocol());
+ for (String p : clientProtocols)
+ {
+ if (protocol.equals(p))
+ {
+ found = true;
+ break;
+ }
+ }
+ if (!found)
+ {
+ return false;
+ }
+ }
+
+ // Check server port.
+ if (clientPorts.length > 0)
+ {
+ boolean found = false;
+ final int port = connection.getServerPort();
+ for (int p : clientPorts)
+ {
+ if (port == p)
+ {
+ found = true;
+ break;
+ }
+ }
+ if (!found)
+ {
+ return false;
+ }
+ }
+
// Check client address.
final InetAddress ipAddr = connection.getRemoteAddress();
if (clientAddressNotEqualTo.length > 0)
@@ -324,25 +383,6 @@
}
}
- // Check server port.
- if (!cfg.getClientPortEqualTo().isEmpty())
- {
- if (!cfg.getClientPortEqualTo().contains(connection.getServerPort()))
- {
- return false;
- }
- }
-
- // Check protocol.
- if (!cfg.getClientProtocolEqualTo().isEmpty())
- {
- if (!cfg.getClientProtocolEqualTo().contains(
- toLowerCase(connection.getProtocol())))
- {
- return false;
- }
- }
-
return true;
}
--
Gitblit v1.10.0