Google Git
Sign in
apache / directory-fortress-core / HEAD / . / src / test / java / org / apache / directory / fortress / core / AuditMgrConsole.java
blob: 725e635257860232ed8c092033b96919ca24d052 [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.apache.directory.fortress.core;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.api.ldap.model.name.Rdn;
import org.apache.directory.fortress.core.model.Bind;
import org.apache.directory.fortress.core.model.AuthZ;
import org.apache.directory.fortress.core.model.Mod;
import org.apache.directory.fortress.core.impl.TestUtils;
import org.apache.directory.fortress.core.model.UserAudit;
import org.apache.directory.fortress.core.model.Permission;
import org.apache.directory.fortress.core.util.AuditUtil;
import org.apache.directory.fortress.core.util.time.TUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.List;
import java.util.StringTokenizer;
class AuditMgrConsole
{
private AuditMgr am = null;
private static final String CLS_NM = AuditMgrConsole.class.getName();
private static final Logger LOG = LoggerFactory.getLogger( CLS_NM );
public AuditMgrConsole()
{
try
{
am = AuditMgrFactory.createInstance(TestUtils.getContext());
}
catch ( org.apache.directory.fortress.core.SecurityException e)
{
LOG.error(" constructor caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
}
}
/**
*
*/
void findBinds()
{
ReaderUtil.clearScreen();
try
{
System.out.println("Enter userId value to search Audit Binds with or null to retrieve all:");
String val = ReaderUtil.readLn();
UserAudit uAudit = new UserAudit();
uAudit.setUserId(val);
List<Bind> list = am.searchBinds(uAudit);
printAuthNs(list);
System.out.println("ENTER to continue");
}
catch (SecurityException e)
{
LOG.error("findBinds caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
}
ReaderUtil.readChar();
}
/**
*
*/
void getBindReport()
{
ReaderUtil.clearScreen();
try
{
System.out.println("Enter userId value to search Audit Binds with or null to retrieve all:");
String val = ReaderUtil.readLn();
UserAudit uAudit = new UserAudit();
uAudit.setUserId(val);
System.out.println("Check for failed only? (Enter 'Y' for yes or 'N' for no");
val = ReaderUtil.readLn();
if (val.equalsIgnoreCase("Y"))
uAudit.setFailedOnly(true);
System.out.println("Check within the last n hours? Enter number of hours or null for unlimited");
val = ReaderUtil.readLn();
if (val != null && val.length() > 0)
{
int hours = Integer.parseInt(val);
Date date = new Date();
long millis = date.getTime();
millis = millis - (1000 * 60 * 60 * hours);
Date date2 = new Date(millis);
uAudit.setBeginDate(date2);
}
List<Bind> list = am.searchBinds(uAudit);
printAuthNReport(list);
System.out.println("ENTER to continue");
}
catch (SecurityException e)
{
LOG.error("getBindReport caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
}
ReaderUtil.readChar();
}
/**
*
* @param list
*/
void printAuthNReport(List<Bind> list)
{
if (list != null && list.size() > 0)
{
int ctr = 0;
for (Bind aBind : list)
{
/*
public class Bind
private String createTimestamp;
private String creatorsName;
private String entryCSN;
private String entryDN;
private String entryUUID;
private String hasSubordinates;
private String modifiersName;
private String modifyTimestamp;
private String objectClass;
private String reqAuthzID;
private String reqControls;
private String reqDN;
private String reqEnd;
private String reqMethod;
private String reqResult;
private String reqSession;
private String reqStart;
private String reqType;
private String reqVersion;
private String structuralObjectClass;
*/
System.out.println("AUTHENTICATION AUDIT RECORD " + ctr++);
System.out.println("***************************************");
System.out.println(" UserId " + AuditUtil.getAuthZId( aBind.getReqDN() ));
Date aDate = null;
try
{
aDate = TUtil.decodeGeneralizedTime( aBind.getReqEnd() );
}
catch (ParseException pe)
{
System.out.println(" Bind Time " + "ParseException=" + pe.getMessage());
}
if(aDate != null)
{
SimpleDateFormat formatter = new SimpleDateFormat("MM/dd/yyyy HH:mm:ss");
String formattedDate = formatter.format(aDate);
System.out.println(" Bind Time " + formattedDate);
}
System.out.println(" AuthN Type " + aBind.getReqMethod());
System.out.println(" Success? " + aBind.getReqResult().equals("0"));
System.out.println(" Session " + aBind.getReqSession());
System.out.println(" Type " + aBind.getReqType());
System.out.println(" Version " + aBind.getReqVersion());
System.out.println();
System.out.println();
}
}
else
{
System.out.println("no authN's found");
}
}
/**
*
* @param list
*/
void printAuthNs(List<Bind> list)
{
if (list != null && list.size() > 0)
{
int ctr = 0;
for (Bind aBind : list)
{
/*
public class Bind
private String createTimestamp;
private String creatorsName;
private String entryCSN;
private String entryDN;
private String entryUUID;
private String hasSubordinates;
private String modifiersName;
private String modifyTimestamp;
private String objectClass;
private String reqAuthzID;
private String reqControls;
private String reqDN;
private String reqEnd;
private String reqMethod;
private String reqResult;
private String reqSession;
private String reqStart;
private String reqType;
private String reqVersion;
private String structuralObjectClass;
*/
System.out.println("AUDIT BIND OBJECT [" + ctr++ + "]:");
System.out.println(" createTimestamp [" + aBind.getCreateTimestamp() + "]");
System.out.println(" creatorsName [" + aBind.getCreatorsName() + "]");
System.out.println(" entryCSN [" + aBind.getEntryCSN() + "]");
System.out.println(" entryDN [" + aBind.getEntryDN() + "]");
System.out.println(" entryUUID [" + aBind.getEntryUUID() + "]");
System.out.println(" hasSubordinates [" + aBind.getHasSubordinates() + "]");
System.out.println(" modifiersName [" + aBind.getModifiersName() + "]");
System.out.println(" modifyTimestamp [" + aBind.getModifyTimestamp() + "]");
System.out.println(" objectClass [" + aBind.getObjectClass() + "]");
System.out.println(" reqAuthzID [" + aBind.getReqAuthzID() + "]");
System.out.println(" reqControls [" + aBind.getReqControls() + "]");
System.out.println(" reqDN [" + aBind.getReqDN() + "]");
System.out.println(" reqEnd [" + aBind.getReqEnd() + "]");
System.out.println(" reqMethod [" + aBind.getReqMethod() + "]");
System.out.println(" reqResult [" + aBind.getReqResult() + "]");
System.out.println(" reqSession [" + aBind.getReqSession() + "]");
System.out.println(" reqStart [" + aBind.getReqStart() + "]");
System.out.println(" reqType [" + aBind.getReqType() + "]");
System.out.println(" reqVersion [" + aBind.getReqVersion() + "]");
System.out.println(" structuralObjectClass [" + aBind.getStructuralObjectClass() + "]");
}
}
else
{
System.out.println("no authN's found");
}
}
/**
*
*/
void findAuthZs()
{
ReaderUtil.clearScreen();
try
{
System.out.println("Enter object name to search Audit AuthZs with:");
String val = ReaderUtil.readLn();
UserAudit uAudit = new UserAudit();
uAudit.setObjName(val);
System.out.println("Enter operation name to search Audit AuthZs with:");
val = ReaderUtil.readLn();
uAudit.setOpName(val);
System.out.println("Enter userId to search Audit AuthZs with:");
val = ReaderUtil.readLn();
if(StringUtils.isNotEmpty( val ))
{
uAudit.setUserId(val);
System.out.println("size=" + val.length() + " val=" + val);
}
else
{
System.out.println("val is empty or null");
}
//uAudit.setUserId(val);
System.out.println("Check for failed only? (Enter 'Y' for yes or 'N' for no");
val = ReaderUtil.readLn();
if (val.equalsIgnoreCase("Y"))
uAudit.setFailedOnly(true);
List<AuthZ> list = am.searchAuthZs(uAudit);
printAuthZs(list);
System.out.println("ENTER to continue");
}
catch (SecurityException e)
{
LOG.error("findAuthZs caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
}
ReaderUtil.readChar();
}
/**
*
*/
void getAuthZs()
{
ReaderUtil.clearScreen();
try
{
UserAudit uAudit = new UserAudit();
System.out.println("Enter userId to search Audit AuthZs with:");
String val = ReaderUtil.readLn();
if(StringUtils.isNotEmpty( val ))
{
uAudit.setUserId(val);
System.out.println("size=" + val.length() + " val=" + val);
}
else
{
System.out.println("val is empty or null");
}
System.out.println("Check for failed only? (Enter 'Y' for yes or 'N' for no");
val = ReaderUtil.readLn();
if (val.equalsIgnoreCase("Y"))
uAudit.setFailedOnly(true);
List<AuthZ> list = am.getUserAuthZs(uAudit);
printAuthZs(list);
System.out.println("ENTER to continue");
}
catch (SecurityException e)
{
LOG.error("getUserAuthZs caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
}
ReaderUtil.readChar();
}
/**
*
*/
void getAuthReport()
{
ReaderUtil.clearScreen();
try
{
UserAudit uAudit = new UserAudit();
System.out.println("Enter userId to search Audit AuthZs with:");
String val = ReaderUtil.readLn();
if(StringUtils.isNotEmpty( val ))
{
uAudit.setUserId(val);
System.out.println("size=" + val.length() + " val=" + val);
}
else
{
System.out.println("val is empty or null");
}
//uAudit.setUserId(val);
System.out.println("Check for failed only? (Enter 'Y' for yes or 'N' for no");
val = ReaderUtil.readLn();
if (val.equalsIgnoreCase("Y"))
uAudit.setFailedOnly(true);
System.out.println("Check within the last n hours? Enter number of hours or null for unlimited");
val = ReaderUtil.readLn();
if (val != null && val.length() > 0)
{
int hours = Integer.parseInt(val);
Date date = new Date();
long millis = date.getTime();
millis = millis - (1000 * 60 * 60 * hours);
Date date2 = new Date(millis);
uAudit.setBeginDate(date2);
}
List<AuthZ> list = am.getUserAuthZs(uAudit);
printAuthZReport(list);
System.out.println("ENTER to continue");
}
catch (SecurityException e)
{
LOG.error("getAuthReport caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
}
ReaderUtil.readChar();
}
/**
* @param list
*/
void printAuthZReport(List<AuthZ> list)
{
ReaderUtil.clearScreen();
if (list != null && list.size() > 0)
{
int ctr = 0;
for (AuthZ authZ : list)
{
/*
public class AuthZ
{
private String createTimestamp;
private String creatorsName;
private String entryCSN;
private String entryDN;
private String entryUUID;
private String hasSubordinates;
private String modifiersName;
private String modifyTimestamp;
private String objectClass;
private String reqAttr;
private String reqAttrsOnly;
private String reqAuthzID;
private String reqControls;
private String reqDN;
private String reqDerefAliases;
private String reqEnd;
private String reqEntries;
private String reqFilter;
private String reqResult;
private String reqScope;
private String reqSession;
private String reqSizeLimit;
private String reqStart;
private String reqTimeLimit;
private String reqType;
private String structuralObjectClass;
private String subschemaSubentry;
*/
//System.out.println("**********************************");
System.out.println("AUTHORIZATION AUDIT RECORD " + ctr++);
System.out.println("***************************************");
Date aDate = null;
try
{
aDate = TUtil.decodeGeneralizedTime(authZ.getReqEnd());
}
catch (ParseException pe)
{
System.out.println(" Access Time " + "ParseException=" + pe.getMessage());
}
if(aDate != null)
{
SimpleDateFormat formatter = new SimpleDateFormat("MM/dd/yyyy HH:mm:ss");
String formattedDate = formatter.format(aDate);
System.out.println(" Access Time " + formattedDate);
}
System.out.println(" userId " + AuditUtil.getAuthZId( authZ.getReqAuthzID() ));
try
{
Permission pOp = getAuthZPerm(authZ);
System.out.println(" Resource Name " + pOp.getObjName());
System.out.println(" Operation " + pOp.getOpName());
int rCtr = 0;
if ( pOp.getRoles() != null )
{
// TODO: fix the NPE that happens here:
System.out.println(" Success? " + authZ.getReqEntries().equals(GlobalIds.AUTHZ_COMPARE_FAILURE_FLAG));
for (String role : pOp.getRoles())
{
System.out.println(" Role[" + rCtr++ + "] " + role);
}
}
}
catch(LdapInvalidDnException e)
{
System.out.println("LdapInvalidDnException=" + e);
}
//System.out.println(" reqStart [" + authZ.getReqStart() + "]");
//System.out.println(" reqEnd [" + authZ.getReqEnd() + "]");
System.out.println();
System.out.println();
//System.out.println("**********************************");
}
}
else
{
System.out.println("AuthZ list empty");
}
}
/**
* Break the authZ eqDn attribute into 1. permission object name, 2. op name and 3. object id (optional).
*
* @param authZ contains the raw dn format from openldap slapo access log data
* @return Permisison containing objName, opName and optionally the objId populated from the raw data.
*/
public static Permission getAuthZPerm(AuthZ authZ) throws LdapInvalidDnException
{
// This will be returned to the caller:
Permission pOp = new Permission();
// Break dn into rdns for leaf and parent. Use the 'type' field in rdn.
// The objId value is optional. If present it will be part of the parent's relative distinguished name..
// Here the sample reqDN=ftOpNm=TOP2_2+ftObjId=002,ftObjNm=TOB2_1,ou=Permissions,ou=RBAC,dc=example,dc=com
// Will be mapped to objName=TOB2_1, opName=TOP2_2, objId=002, in the returned permission object.
Dn dn = new Dn( authZ.getReqDN() );
if( dn.getRdns() != null && CollectionUtils.isNotEmpty( dn.getRdns() ) )
{
for( Rdn rdn : dn.getRdns() )
{
// The rdn type attribute will be mapped to objName, opName and objId fields.
switch ( rdn.getType() )
{
case GlobalIds.POP_NAME:
pOp.setOpName( rdn.getType() );
break;
case GlobalIds.POBJ_NAME:
pOp.setObjName( rdn.getType() );
break;
case GlobalIds.POBJ_ID:
pOp.setObjId( rdn.getType() );
break;
}
}
}
return pOp;
}
void printfailedAuthNReport(List<AuthZ> list)
{
ReaderUtil.clearScreen();
if (list != null && list.size() > 0)
{
int ctr = 0;
for (AuthZ authZ : list)
{
/*
public class AuthZ
{
private String createTimestamp;
private String creatorsName;
private String entryCSN;
private String entryDN;
private String entryUUID;
private String hasSubordinates;
private String modifiersName;
private String modifyTimestamp;
private String objectClass;
private String reqAttr;
private String reqAttrsOnly;
private String reqAuthzID;
private String reqControls;
private String reqDN;
private String reqDerefAliases;
private String reqEnd;
private String reqEntries;
private String reqFilter;
private String reqResult;
private String reqScope;
private String reqSession;
private String reqSizeLimit;
private String reqStart;
private String reqTimeLimit;
private String reqType;
private String structuralObjectClass;
private String subschemaSubentry;
*/
//System.out.println("**********************************");
System.out.println("FAILED AUTHENTICATIONS AUDIT RECORD " + ctr++);
System.out.println("***************************************");
Date aDate = null;
try
{
aDate = TUtil.decodeGeneralizedTime(authZ.getReqEnd());
}
catch (ParseException pe)
{
System.out.println(" Access Time " + "ParseException=" + pe.getMessage());
}
if(aDate != null)
{
SimpleDateFormat formatter = new SimpleDateFormat("MM/dd/yyyy HH:mm:ss");
String formattedDate = formatter.format(aDate);
System.out.println(" Access Time " + formattedDate);
}
System.out.println(" userId " + AuditUtil.getAuthZId( authZ.getReqDN() ));
System.out.println(" Success? " + authZ.getReqEntries().equals("1"));
System.out.println(" reqDN " + authZ.getReqDN());
System.out.println();
System.out.println();
}
}
else
{
System.out.println("AuthZ list empty");
}
}
/**
* @param list
*/
void printAuthZs(List<AuthZ> list)
{
ReaderUtil.clearScreen();
if (list != null && list.size() > 0)
{
int ctr = 0;
for (AuthZ authZ : list)
{
/*
public class AuthZ
{
private String createTimestamp;
private String creatorsName;
private String entryCSN;
private String entryDN;
private String entryUUID;
private String hasSubordinates;
private String modifiersName;
private String modifyTimestamp;
private String objectClass;
private String reqAttr;
private String reqAttrsOnly;
private String reqAuthzID;
private String reqControls;
private String reqDN;
private String reqDerefAliases;
private String reqEnd;
private String reqEntries;
private String reqFilter;
private String reqResult;
private String reqScope;
private String reqSession;
private String reqSizeLimit;
private String reqStart;
private String reqTimeLimit;
private String reqType;
private String structuralObjectClass;
private String subschemaSubentry;
*/
System.out.println("AUDIT AUTHZ OBJECT [" + ctr++ + "]:");
System.out.println(" reqAuthzID [" + authZ.getReqAuthzID() + "]");
System.out.println(" reqDN [" + authZ.getReqDN() + "]");
System.out.println(" reqFilter [" + authZ.getReqFilter() + "]");
System.out.println(" reqEntries [" + authZ.getReqEntries() + "]");
System.out.println(" reqStart [" + authZ.getReqStart() + "]");
System.out.println(" reqEnd [" + authZ.getReqEnd() + "]");
System.out.println(" createTimestamp [" + authZ.getCreateTimestamp() + "]");
System.out.println(" creatorsName [" + authZ.getCreatorsName() + "]");
System.out.println(" entryCSN [" + authZ.getEntryCSN() + "]");
System.out.println(" entryDN [" + authZ.getEntryDN() + "]");
System.out.println(" entryUUID [" + authZ.getEntryUUID() + "]");
System.out.println(" hasSubordinates [" + authZ.getHasSubordinates() + "]");
System.out.println(" modifiersName [" + authZ.getModifiersName() + "]");
System.out.println(" modifyTimestamp [" + authZ.getModifyTimestamp() + "]");
System.out.println(" objectClass [" + authZ.getObjectClass() + "]");
System.out.println(" reqControls [" + authZ.getReqControls() + "]");
System.out.println(" reqResult [" + authZ.getReqResult() + "]");
System.out.println(" reqSession [" + authZ.getReqSession() + "]");
System.out.println(" reqType [" + authZ.getReqType() + "]");
System.out.println(" structuralObjectClass [" + authZ.getStructuralObjectClass() + "]");
System.out.println(" reqAttr [" + authZ.getReqAttr() + "]");
System.out.println(" reqAttrsOnly [" + authZ.getReqAttrsOnly() + "]");
System.out.println(" reqDerefAliases [" + authZ.getReqDerefAliases() + "]");
System.out.println(" reqScope [" + authZ.getReqScope() + "]");
System.out.println(" reqSizeLimit [" + authZ.getReqSizeLimit() + "]");
System.out.println(" reqTimeLimit [" + authZ.getReqTimeLimit() + "]");
}
}
else
{
System.out.println("AuthZ list empty");
}
}
/**
*
*/
void getModReport()
{
ReaderUtil.clearScreen();
try
{
UserAudit uAudit = new UserAudit();
System.out.println("Enter userId to search Audit Mods with:");
String val = ReaderUtil.readLn();
if(StringUtils.isNotEmpty( val ))
{
uAudit.setUserId(val);
System.out.println("size=" + val.length() + " val=" + val);
}
else
{
System.out.println("val is empty or null");
}
System.out.println("Check within the last n hours? Enter number of hours or null for unlimited");
val = ReaderUtil.readLn();
if (val != null && val.length() > 0)
{
int hours = Integer.parseInt(val);
Date date = new Date();
long millis = date.getTime();
millis = millis - (1000 * 60 * 60 * hours);
Date date2 = new Date(millis);
uAudit.setBeginDate(date2);
}
List<Mod> list = am.searchUserSessions(uAudit);
printMods(list);
System.out.println("ENTER to continue");
}
catch (SecurityException e)
{
LOG.error("getModReport caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
}
ReaderUtil.readChar();
}
/**
*
* @param list
*/
void printMods(List<Mod> list)
{
ReaderUtil.clearScreen();
if (list != null && list.size() > 0)
{
int ctr = 0;
for (Mod mod : list)
{
/*
public class Mod
{
private String reqSession;
private String objectClass;
private String reqAuthzID;
private String reqDN;
private String reqResult;
private String reqStart;
private String reqEnd;
private String reqType;
private List<String> reqMod;
*/
System.out.println("AUDIT MOD OBJECT [" + ctr++ + "]:");
System.out.println(" reqAuthzID [" + mod.getReqAuthzID() + "]");
System.out.println(" reqDN [" + mod.getReqDN() + "]");
System.out.println(" reqStart [" + mod.getReqStart() + "]");
System.out.println(" reqEnd [" + mod.getReqEnd() + "]");
System.out.println(" objectClass [" + mod.getObjectClass() + "]");
System.out.println(" reqResult [" + mod.getReqResult() + "]");
System.out.println(" reqSession [" + mod.getReqSession() + "]");
System.out.println(" reqType [" + mod.getReqType() + "]");
if(mod.getReqMod() != null)
{
int mCtr = 0;
for (String mVal : mod.getReqMod())
{
System.out.println(" reqMod[" + mCtr++ + "] [" + mVal + "]");
}
}
}
}
else
{
System.out.println("Mods list empty");
}
}
void getAdminModReport()
{
ReaderUtil.clearScreen();
try
{
UserAudit uAudit = new UserAudit();
System.out.println("Enter userId to search Audit Mods with or NULL for skip:");
String val = ReaderUtil.readLn();
if(StringUtils.isNotEmpty( val ))
{
uAudit.setUserId(val);
System.out.println("size=" + val.length() + " val=" + val);
}
System.out.println("Check within the last n hours? Enter number of hours or null for unlimited");
val = ReaderUtil.readLn();
if (val != null && val.length() > 0)
{
int hours = Integer.parseInt(val);
Date date = new Date();
long millis = date.getTime();
millis = millis - (1000 * 60 * 60 * hours);
Date date2 = new Date(millis);
uAudit.setBeginDate(date2);
}
/*
System.out.println("Enter begin time and date - format YYYYMMDDHHMM or null for unlimited");
val = ReaderUtil.readLn();
if (val != null && val.length() > 0)
{
//int hours = Integer.parseInt(val);
int year = new Integer(val.substring(0, 3));
int month = new Integer(val.substring(0, 3));
int day = new Integer(val.substring(0, 3));
Date date = new Date();
java.sql.Date date2 = new java.sql.Date(2011, 11, 25);
date2.getTime();
long millis = date.getTime();
millis = millis - (1000 * 60 * 60 * hours);
Date date2 = new Date(millis);
uAudit.setBeginDate(date2);
} */
System.out.println("Enter admin object name to search Audit Mods with or NULL for skip:");
val = ReaderUtil.readLn();
if(StringUtils.isNotEmpty( val ))
{
uAudit.setObjName(val);
System.out.println("size=" + val.length() + " val=" + val);
}
System.out.println("Enter admin operation name to search Audit Mods with or NULL for skip:");
val = ReaderUtil.readLn();
if(StringUtils.isNotEmpty( val ))
{
uAudit.setOpName(val);
System.out.println("size=" + val.length() + " val=" + val);
}
List<Mod> list = am.searchAdminMods(uAudit);
printMods(list);
System.out.println("ENTER to continue");
}
catch (SecurityException e)
{
LOG.error("getAdminModReport caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
}
ReaderUtil.readChar();
}
void getAuthNInvalidReport()
{
ReaderUtil.clearScreen();
try
{
UserAudit uAudit = new UserAudit();
System.out.println("Enter userId to search Audit AuthZs with:");
String val = ReaderUtil.readLn();
if( StringUtils.isNotEmpty( val ))
{
uAudit.setUserId(val);
System.out.println("size=" + val.length() + " val=" + val);
}
else
{
System.out.println("val is empty or null");
}
//uAudit.setUserId(val);
//System.out.println("Check for failed only? (Enter 'Y' for yes or 'N' for no");
//val = ReaderUtil.readLn();
//if (val.equalsIgnoreCase("Y"))
uAudit.setFailedOnly(true);
System.out.println("Check within the last n hours? Enter number of hours or null for unlimited");
val = ReaderUtil.readLn();
if (val != null && val.length() > 0)
{
int hours = Integer.parseInt(val);
Date date = new Date();
long millis = date.getTime();
millis = millis - (1000 * 60 * 60 * hours);
Date date2 = new Date(millis);
uAudit.setBeginDate(date2);
}
List<AuthZ> list = am.searchInvalidUsers(uAudit);
printfailedAuthNReport(list);
System.out.println("ENTER to continue");
}
catch (SecurityException e)
{
LOG.error("getAuthNInvalidReport caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
}
ReaderUtil.readChar();
}
/**
* Parse slapd access raw data to pull the permission name out.
*
* @param authZ raw data contained in Fortress audit entity.
* @return Permission contains {@link org.apache.directory.fortress.core.model.Permission#objName} and {@link org.apache.directory.fortress.core.model.Permission#opName}
*/
private Permission getAuthZPerm2(AuthZ authZ)
{
int indx = 0;
//final int objectClass = 1;
final int oPNm = 2;
final int oBjNm = 3;
final int user = 4;
final int roles = 6;
// reqFilter
// <(&(objectClass=ftOperation)
// (ftOpNm=top1_10)(ftObjNm=tob2_4)
// (|(ftUsers=fttu3user4)
// (ftRoles=ftt3role1)
// (ftRoles=ftt3role2)
// (ftRoles=ftt3role3)
// (ftRoles=ftt3role4)
// (ftRoles=ftt3role5)
// (ftRoles=ftt3role6)
// (ftRoles=ftt3role7)
// (ftRoles=ftt3role8)
// (ftRoles=ftt3role9)
// (ftRoles=ftt3role10)))>
Permission pOp = new Permission();
if (authZ.getReqFilter() != null && authZ.getReqFilter().length() > 0)
{
StringTokenizer maxTkn = new StringTokenizer(authZ.getReqFilter(), "=");
//System.out.println("maxTken size=" + maxTkn.countTokens());
int numTokens = maxTkn.countTokens();
for (int i = 0; i < numTokens; i++)
{
String val = maxTkn.nextToken();
//System.out.println("token[" + i + "]=" + val);
switch (i)
{
//case objectClass:
// indx = val.indexOf('=');
// if (indx >= 1)
// {
// String value = val.substring(indx + 1, val.length() - 1);
// }
// break;
case oPNm:
indx = val.indexOf('=');
if (indx >= 1)
{
pOp.setOpName(val.substring(indx + 1, val.length() - 1));
}
break;
case oBjNm:
indx = val.indexOf('=');
if (indx >= 1)
{
pOp.setObjName( val.substring( indx + 1, val.length() - 1 ) );
}
break;
case user:
indx = val.indexOf('=');
if (indx >= 1)
{
pOp.setUser(val.substring(indx + 1, val.length() - 1));
}
break;
default:
int indx2 = 0;
if (i >= roles)
{
indx = val.indexOf('=');
indx2 = val.indexOf(')');
}
if (indx >= 1)
{
pOp.setRole(val.substring(indx + 1, indx2));
}
break;
}
}
}
return pOp;
}
}