• Home
• io.helidon.security
• helidon-security
• 4.0.11
• source code
• AuditProvider.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.helidon.security.spi.AuditProvider Maven / Gradle / Ivy

/*
 * Copyright (c) 2018, 2021 Oracle and/or its affiliates.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package io.helidon.security.spi;

import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
import java.util.OptionalInt;
import java.util.function.Consumer;
import java.util.stream.Collectors;

import io.helidon.security.AuditEvent;

/**
 * Audit provider, storing audit events.
 * If no custom audit provider is defined (using
 * {@link io.helidon.security.Security.Builder#addAuditProvider(AuditProvider)}) a default provider will be used.
 * 

 * Default audit provider logs most events in {@link java.util.logging.Level#FINEST}.
 * {@link AuditEvent.AuditSeverity#AUDIT_FAILURE}
 * and {@link AuditEvent.AuditSeverity#ERROR}
 * are logged in {@link java.util.logging.Level#SEVERE} and {@link AuditEvent.AuditSeverity#WARN} is logged in {@link
 * java.util.logging.Level#WARNING} level.
 *
 * 

 * Format of default audit provider log record (all end of lines are removed from message, not from stack trace):
 * {@code
 * year.month.day hour(24):minute:second LogLevel AUDIT auditSeverity tracingId auditEventType auditEventClassName location(class)
 * location(method) location(sourceFile) location(line) :: "audit message"
 * }
 */
@FunctionalInterface
public interface AuditProvider extends SecurityProvider {
    /**
     * Return your subscriber for audit events. The method is invoked synchronously, so if you want to have low impact on
     * performance, you should handle possible asynchronous processing in the provider implementation.
     *
     * @return Consumer that will receive all audit events of this security realm
     */
    Consumer auditConsumer();

    /**
     * Audit event sent to Audit provider. Wraps tracing id and AuditEvent sent by
     * a component/user.
     */
    interface TracedAuditEvent extends AuditEvent {
        /**
         * Tracing id of the current audit event, generated by SecurityContext.
         *
         * @return String with tracing id
         */
        String tracingId();

        /**
         * Source of this audit event (class, method, line number etc.).
         *
         * @return Source of the audit event
         */
        AuditSource auditSource();

        /**
         * Creates a formatted message from this events message format and parameters.
         *
         * @return formatted message
         */
        default String formatMessage() {
            List params = params();
            List