
1   /* 
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    *
9    *     http://www.apache.org/licenses/LICENSE-2.0
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.jetspeed.audit;
18  
19  import javax.sql.DataSource;
20  
/**
 * Contract for recording security-audit events: user logins and password
 * changes, plus administrator maintenance of users, credentials,
 * authorizations and attributes.
 *
 * <p>Every argument of the {@code log*} methods is a plain caller-supplied
 * {@code String}; this interface performs no validation itself.
 * NOTE(review): implementations are not visible here. An implementation that
 * persists these values should bind them as statement parameters, and should
 * neutralise line breaks before writing them to any line-oriented log, so that
 * a crafted user name or description cannot forge or split audit records.
 *
 * @author <a href="mailto:taylor@apache.org">David Sean Taylor </a>
 * @version $Id: $
 */
public interface AuditActivity
{
    // ---- activity codes: actions performed by the user themselves ----
    // (interface fields are implicitly public static final)
    String AUTHENTICATION_SUCCESS = "login-success";
    String AUTHENTICATION_FAILURE = "login-failure";
    String PASSWORD_CHANGE_SUCCESS = "password-success";
    String PASSWORD_CHANGE_FAILURE = "password-failure";

    // ---- activity codes: administrator actions on a user account ----
    String USER_CREATE = "user-create";
    String USER_UPDATE = "user-update";
    String USER_DELETE = "user-delete";
    String USER_DISABLE = "user-disable";
    String USER_EXTEND = "user-extend";
    String USER_EXTEND_UNLIMITED = "user-extend-unlimited";

    // ---- activity codes: administrator actions on a user's password ----
    String PASSWORD_EXPIRE = "password-expire";
    String PASSWORD_RESET = "password-reset";
    String PASSWORD_ACTIVATE = "password-activate";
    String PASSWORD_ENABLED = "password-enabled";
    String PASSWORD_DISABLED = "password-disabled";
    String PASSWORD_UPDATE_REQUIRED = "password-update-req";
    String PASSWORD_EXTEND = "password-extend";
    String PASSWORD_UNLIMITED = "password-unlimited";

    // ---- activity codes: role / group / profile membership changes ----
    String USER_ADD_ROLE = "user-add-role";
    String USER_DELETE_ROLE = "user-delete-role";
    String USER_ADD_GROUP = "user-add-group";
    String USER_DELETE_GROUP = "user-delete-group";
    String USER_ADD_PROFILE = "user-add-profile";
    String USER_DELETE_PROFILE = "user-delete-profile";

    // ---- activity codes: user attribute changes ----
    String USER_ADD_ATTRIBUTE = "user-add-attr";
    String USER_DELETE_ATTRIBUTE = "user-delete-attr";
    String USER_UPDATE_ATTRIBUTE = "user-update-attr";

    // ---- general categories ----
    String CAT_USER_AUTHENTICATION = "authentication";
    String CAT_USER_ATTRIBUTE = "user-attribute";
    String CAT_ADMIN_USER_MAINTENANCE = "user";
    String CAT_ADMIN_CREDENTIAL_MAINTENANCE = "credential";
    String CAT_ADMIN_ATTRIBUTE_MAINTENANCE = "attribute";
    String CAT_ADMIN_AUTHORIZATION_MAINTENANCE = "authorization";

    /**
     * Enables or disables the audit service at runtime.
     *
     * <p>NOTE(review): switching auditing off is itself a security-relevant
     * action. Nothing in this interface restricts who may call this method or
     * requires the change to be recorded; confirm that implementations and
     * callers cover both.
     *
     * @param enabled the new enabled state of the service
     */
    void setEnabled(boolean enabled);

    /**
     * Reports the enabled state of this service.
     *
     * @return the current enabled state
     */
    boolean getEnabled();

    /**
     * Logs security-audit-related activity performed by a user.
     *
     * @param username    the user the activity is recorded for
     * @param ipaddress   the IP address to record, exactly as supplied by the
     *                    caller; how it is derived is not defined here
     *                    (NOTE(review): if callers take it from a forwarded
     *                    request header it is client-controlled; confirm)
     * @param activity    the activity code; presumably one of the user activity
     *                    constants declared above (not enforced by the type)
     * @param description free-text description of the event
     */
    void logUserActivity(String username, String ipaddress, String activity, String description);

    /**
     * Logs auditable activity by an administrator on behalf of another user.
     *
     * @param username    presumably the acting administrator; confirm
     * @param ipaddress   the IP address to record, as supplied by the caller
     * @param targetUser  the user the administrator acted on
     * @param activity    the activity code
     * @param description free-text description of the event
     */
    void logAdminUserActivity(String username, String ipaddress, String targetUser, String activity, String description);

    /**
     * Logs auditable activity by an administrator on credentials on behalf of
     * a user.
     *
     * <p>The signature carries no credential value, only the activity code and
     * a description. NOTE(review): callers should keep it that way and never
     * place password material in {@code description}.
     *
     * @param username    presumably the acting administrator (the earlier
     *                    Javadoc named this parameter {@code adminName})
     * @param ipaddress   the IP address to record, as supplied by the caller
     * @param targetUser  the user whose credential was acted on
     * @param activity    the activity code
     * @param description free-text description of the event
     */
    void logAdminCredentialActivity(String username, String ipaddress, String targetUser, String activity, String description);

    /**
     * Logs auditable activity by an administrator on a user's authorizations.
     * This method had no Javadoc; the parameter notes below are inferred from
     * the sibling methods and should be confirmed against an implementation.
     *
     * @param username    presumably the acting administrator; confirm
     * @param ipaddress   the IP address to record, as supplied by the caller
     * @param targetUser  the user whose authorization was changed
     * @param activity    the activity code
     * @param name        presumably the role, group or profile involved;
     *                    confirm
     * @param description free-text description of the event
     */
    void logAdminAuthorizationActivity(String username, String ipaddress, String targetUser, String activity, String name, String description);

    /**
     * Logs auditable activity by an administrator on attributes on behalf of a
     * user.
     *
     * <p>NOTE(review): {@code beforeValue} and {@code afterValue} are passed
     * through for recording. If an attribute can hold sensitive data, callers
     * should mask it before it reaches the audit trail.
     *
     * @param username    presumably the acting administrator; confirm
     * @param ipaddress   the IP address to record, as supplied by the caller
     * @param targetUser  the user whose attribute was changed
     * @param activity    the activity code
     * @param name        the attribute name
     * @param beforeValue the attribute value before the change
     * @param afterValue  the attribute value after the change
     * @param description free-text description of the event
     */
    void logAdminAttributeActivity(String username, String ipaddress, String targetUser, String activity, String name, String beforeValue, String afterValue, String description);

    /**
     * Logs auditable attribute activity for a user. Unlike
     * {@link #logAdminAttributeActivity}, there is no {@code targetUser}
     * parameter. (The earlier Javadoc repeated the administrator wording of
     * that method; presumably this variant records a user's change to their
     * own attributes; confirm.)
     *
     * <p>NOTE(review): the same caution about sensitive values in
     * {@code beforeValue} and {@code afterValue} applies here.
     *
     * @param username    the user the activity is recorded for
     * @param ipaddress   the IP address to record, as supplied by the caller
     * @param activity    the activity code
     * @param name        the attribute name
     * @param beforeValue the attribute value before the change
     * @param afterValue  the attribute value after the change
     * @param description free-text description of the event
     */
    void logUserAttributeActivity(String username, String ipaddress, String activity, String name, String beforeValue, String afterValue, String description);

    /**
     * Returns the {@code DataSource} in use by the logger; documented as being
     * useful for writing tests.
     *
     * <p>NOTE(review): this hands out direct access to whatever store backs
     * the audit trail. Production code should not use it to modify or delete
     * audit records.
     *
     * @return the DataSource used by the logger
     */
    DataSource getDataSource();

}