[wsas-java-dev] svn commit r700 - in wsas/java/trunk/modules:
admin/src/org/wso2/wsas/admin/module/admin/handler
admin/src/org/wso2/wsas/admin/service core/conf/hibernate
core/src/org/wso2/wsas core/src/org/wso2/wsas/persistence/dataobject
samples/Chad/src/org/wso2/wsas/sample/chad
svn at wso2.com
svn at wso2.com
Sun Feb 4 20:46:00 PST 2007
Author: azeez
Date: Sun Feb 4 20:45:37 2007
New Revision: 700
Modified:
wsas/java/trunk/modules/admin/src/org/wso2/wsas/admin/module/admin/handler/AuthenticationHandler.java
wsas/java/trunk/modules/admin/src/org/wso2/wsas/admin/service/GlobalAdmin.java
wsas/java/trunk/modules/admin/src/org/wso2/wsas/admin/service/ServiceAdmin.java
wsas/java/trunk/modules/core/conf/hibernate/wso2wsas.hbm.xml
wsas/java/trunk/modules/core/src/org/wso2/wsas/ServerConstants.java
wsas/java/trunk/modules/core/src/org/wso2/wsas/persistence/dataobject/ServiceUserDO.java
wsas/java/trunk/modules/samples/Chad/src/org/wso2/wsas/sample/chad/Chad.java
Log:
Adding admin login auditing functionality
Modified: wsas/java/trunk/modules/admin/src/org/wso2/wsas/admin/module/admin/handler/AuthenticationHandler.java
==============================================================================
--- wsas/java/trunk/modules/admin/src/org/wso2/wsas/admin/module/admin/handler/AuthenticationHandler.java (original)
+++ wsas/java/trunk/modules/admin/src/org/wso2/wsas/admin/module/admin/handler/AuthenticationHandler.java Sun Feb 4 20:45:37 2007
@@ -53,7 +53,7 @@
}
String loginStatus =
- (String) serviceCtx.getServiceGroupContext().getProperty(ServerConstants.LOGGED_IN);
+ (String) serviceCtx.getServiceGroupContext().getProperty(ServerConstants.ADMIN_LOGGED_IN);
return "true".equals(loginStatus);
}
Modified: wsas/java/trunk/modules/admin/src/org/wso2/wsas/admin/service/GlobalAdmin.java
==============================================================================
--- wsas/java/trunk/modules/admin/src/org/wso2/wsas/admin/service/GlobalAdmin.java (original)
+++ wsas/java/trunk/modules/admin/src/org/wso2/wsas/admin/service/GlobalAdmin.java Sun Feb 4 20:45:37 2007
@@ -21,6 +21,7 @@
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.MessageContext;
+import org.apache.axis2.context.ServiceGroupContext;
import org.apache.axis2.deployment.DeploymentEngine;
import org.apache.axis2.description.AxisModule;
import org.apache.axis2.description.Parameter;
@@ -29,10 +30,14 @@
import org.apache.axis2.engine.Phase;
import org.apache.axis2.phaseresolver.PhaseMetadata;
import org.apache.neethi.Policy;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.wso2.wsas.ServerConstants;
import org.wso2.wsas.admin.service.util.AdminDatabaseAuthenticator;
import org.wso2.wsas.admin.service.util.PolicyUtil;
import org.wso2.wsas.persistence.PersistenceManager;
+import org.wso2.wsas.persistence.exception.ServiceUserNotFoundException;
+import org.wso2.wsas.persistence.dataobject.ServiceUserDO;
import org.wso2.wsas.util.HibernateConfigFactory;
import org.wso2.wsas.util.ParameterUtil;
@@ -42,6 +47,10 @@
import java.io.IOException;
import java.io.OutputStream;
import java.util.ArrayList;
+import java.util.Date;
+import java.util.Calendar;
+import java.util.Map;
+import java.text.SimpleDateFormat;
/**
@@ -49,81 +58,74 @@
*/
public class GlobalAdmin extends AbstractAdmin {
- //to list hnadlers in a given phase (global)
+ private static final Log log = LogFactory.getLog(GlobalAdmin.class);
+ private PersistenceManager pm =
+ new PersistenceManager(HibernateConfigFactory.
+ getDefaultConfig(ServerConstants.WSO2WSAS_HB_CONFIG_KEY));
+
+ /**
+ * List hnadlers in a given phase (global)
+ *
+ * @param flow
+ * @param phaseName
+ * @return
+ * @throws AxisFault
+ */
public String[] listGlobalPhaseHandlers(int flow, String phaseName) throws AxisFault {
String[] handlers = null;
switch (flow) {
case PhaseMetadata.IN_FLOW: {
ArrayList inflow = getAxisConfig().getGlobalInFlow();
-
for (int i = 0; i < inflow.size(); i++) {
Phase phase = (Phase) inflow.get(i);
-
if (phase.getPhaseName().equals(phaseName)) {
handlers = new String[phase.getHandlerCount()];
-
ArrayList hands = phase.getHandlers();
-
for (int j = 0; j < hands.size(); j++) {
Handler handler = (Handler) hands.get(j);
handlers[j] = handler.getName();
}
}
}
-
break;
}
case PhaseMetadata.OUT_FLOW: {
ArrayList phases = getAxisConfig().getGlobalOutPhases();
-
for (int i = 0; i < phases.size(); i++) {
Phase phase = (Phase) phases.get(i);
-
if (phase.getPhaseName().equals(phaseName)) {
handlers = new String[phase.getHandlerCount()];
-
ArrayList hands = phase.getHandlers();
-
for (int j = 0; j < hands.size(); j++) {
Handler handler = (Handler) hands.get(j);
handlers[j] = handler.getName();
}
}
}
-
break;
}
case PhaseMetadata.FAULT_IN_FLOW: {
ArrayList inflow = getAxisConfig().getInFaultFlow();
-
for (int i = 0; i < inflow.size(); i++) {
Phase phase = (Phase) inflow.get(i);
-
if (phase.getPhaseName().equals(phaseName)) {
handlers = new String[phase.getHandlerCount()];
-
ArrayList hands = phase.getHandlers();
-
for (int j = 0; j < hands.size(); j++) {
Handler handler = (Handler) hands.get(j);
handlers[j] = handler.getName();
}
}
}
-
break;
}
case PhaseMetadata.FAULT_OUT_FLOW: {
ArrayList inflow = getAxisConfig().getOutFaultFlow();
-
for (int i = 0; i < inflow.size(); i++) {
Phase phase = (Phase) inflow.get(i);
-
if (phase.getPhaseName().equals(phaseName)) {
handlers = new String[phase.getHandlerCount()];
-
ArrayList hands = phase.getHandlers();
-
for (int j = 0; j < hands.size(); j++) {
Handler handler = (Handler) hands.get(j);
handlers[j] = handler.getName();
@@ -218,53 +220,83 @@
return phaseNames;
}
- public boolean login(String username, String password) {
+ public boolean login(String username, String password) throws AxisFault {
+ MessageContext msgCtx = MessageContext.getCurrentMessageContext();
+ ServiceGroupContext sgCtx = msgCtx.getServiceGroupContext();
if ((username == null) || (password == null) ||
username.trim().equals("") || password.trim().equals("")) {
- MessageContext.getCurrentMessageContext().getServiceGroupContext()
- .setProperty(org.wso2.wsas.ServerConstants.LOGGED_IN,
- "false");
-
+ sgCtx.setProperty(ServerConstants.ADMIN_LOGGED_IN, "false");
return false;
}
boolean loggedIn =
- new AdminDatabaseAuthenticator().
- authenticate(username,
- password,
- MessageContext.getCurrentMessageContext().getConfigurationContext());
+ new AdminDatabaseAuthenticator().authenticate(username,
+ password,
+ msgCtx.getConfigurationContext());
+ SimpleDateFormat date = new SimpleDateFormat("'['yyyy-MM-dd HH:mm:ss,SSSS']'");
+ Date currentTime = Calendar.getInstance().getTime();
+ ServiceUserDO user = pm.getUser(username);
+ String remoteIP = (String) msgCtx.getProperty(MessageContext.REMOTE_ADDR);
if (loggedIn) {
- MessageContext.getCurrentMessageContext().getServiceGroupContext()
- .setProperty(org.wso2.wsas.ServerConstants.LOGGED_IN,
- "true");
-
+ sgCtx.setProperty(ServerConstants.ADMIN_LOGGED_IN, "true");
+ log.info("Administrator \'" + username + "' logged in at " + date.format(currentTime) +
+ " from IP address " + remoteIP);
+ if (user.getLastLoggedIn() != null) {
+ log.info("Last successful login at " + date.format(user.getLastLoggedIn()) +
+ " from IP Address " + user.getLastLoginIP());
+ }
+ if (user.getLastFailedLogIn() != null) {
+ log.info("Last failed login at " + date.format(user.getLastLoggedIn()) +
+ " from IP Address " + user.getLastLoginIP());
+ }
+ sgCtx.setProperty(ServerConstants.LAST_ADMIN_LOGIN_TIME, user.getLastLoggedIn());
+ sgCtx.setProperty(ServerConstants.LAST_ADMIN_LOGIN_IP, user.getLastLoginIP());
+ sgCtx.setProperty(ServerConstants.LAST_FAILED_ADMIN_LOGIN_TIME,
+ user.getLastFailedLogIn());
+ sgCtx.setProperty(ServerConstants.LAST_FAILED_ADMIN_LOGIN_IP,
+ user.getLastFailedLoginIP());
+ user.setLastLoggedIn(currentTime);
+ user.setLastLoginIP(remoteIP);
+ try {
+ pm.updateUser(user);
+ } catch (ServiceUserNotFoundException e) {
+ throw new AxisFault(e);
+ }
return true;
} else {
- MessageContext.getCurrentMessageContext().getServiceGroupContext()
- .setProperty(org.wso2.wsas.ServerConstants.LOGGED_IN,
- "false");
-
+ sgCtx.getProperties().remove(ServerConstants.ADMIN_LOGGED_IN);
+ if (user != null) {
+ log.warn("Failed login attempt by Administrator \'" + username + "\' at " +
+ date.format(currentTime) + " from IP address " + remoteIP);
+ user.setLastFailedLogIn(currentTime);
+ user.setLastFailedLoginIP(remoteIP);
+ try {
+ pm.updateUser(user);
+ } catch (ServiceUserNotFoundException e) {
+ throw new AxisFault(e);
+ }
+ } else {
+ log.warn("Failed Administrator login attempt by non-existent Administrator \'" +
+ username + "\' at " + date.format(currentTime) +
+ " from IP address " + remoteIP);
+ }
return false;
}
}
public void serverRegistered() {
- ConfigurationContext configCtx = MessageContext.getCurrentMessageContext().getConfigurationContext();
+ ConfigurationContext configCtx =
+ MessageContext.getCurrentMessageContext().getConfigurationContext();
configCtx.setProperty(ServerConstants.SERVER_REGISTERED, "true");
-
- PersistenceManager pm = new PersistenceManager(HibernateConfigFactory.getDefaultConfig(
- org.wso2.wsas.ServerConstants.WSO2WSAS_HB_CONFIG_KEY));
pm.updateConfigurationProperty(ServerConstants.SERVER_REGISTERED, "true");
}
public boolean isServerRegistered() {
- ConfigurationContext configCtx = MessageContext.getCurrentMessageContext().getConfigurationContext();
+ ConfigurationContext configCtx =
+ MessageContext.getCurrentMessageContext().getConfigurationContext();
String serverReg = (String) configCtx.getProperty(ServerConstants.SERVER_REGISTERED);
if (serverReg == null) {
- PersistenceManager pm = new PersistenceManager(HibernateConfigFactory.getDefaultConfig(
- org.wso2.wsas.ServerConstants.WSO2WSAS_HB_CONFIG_KEY));
serverReg = pm.getConfigurationProperty(ServerConstants.SERVER_REGISTERED);
-
if (serverReg == null) {
serverReg = "false";
pm.updateConfigurationProperty(ServerConstants.SERVER_REGISTERED,
@@ -278,7 +310,7 @@
public void logout() throws AxisFault {
MessageContext.getCurrentMessageContext().
- getServiceGroupContext().setProperty(ServerConstants.LOGGED_IN, "false");
+ getServiceGroupContext().getProperties().clear();
}
public boolean deployService(OMElement element) throws AxisFault {
@@ -289,7 +321,6 @@
String fileName = element.getLocalName();
OMNode node = element.getFirstOMChild();
-
if (node instanceof OMText) {
OMText txt = (OMText) node;
String repo = getAxisConfig().getRepository().getPath();
Modified: wsas/java/trunk/modules/admin/src/org/wso2/wsas/admin/service/ServiceAdmin.java
==============================================================================
--- wsas/java/trunk/modules/admin/src/org/wso2/wsas/admin/service/ServiceAdmin.java (original)
+++ wsas/java/trunk/modules/admin/src/org/wso2/wsas/admin/service/ServiceAdmin.java Sun Feb 4 20:45:37 2007
@@ -43,6 +43,7 @@
import org.wso2.wsas.transport.util.TransportSummary;
import org.wso2.wsas.util.HibernateConfigFactory;
import org.wso2.wsas.util.ParameterUtil;
+import org.wso2.wsas.ServerConstants;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLInputFactory;
@@ -52,7 +53,6 @@
import java.net.URL;
import java.util.*;
-
/**
* Admin service to manage services
*/
@@ -62,8 +62,8 @@
"Cannot remove transport binding. " +
"<br/>A service must contain at least one transport binding!";
private PersistenceManager pm =
- new PersistenceManager(HibernateConfigFactory.getDefaultConfig(
- org.wso2.wsas.ServerConstants.WSO2WSAS_HB_CONFIG_KEY));
+ new PersistenceManager(HibernateConfigFactory.
+ getDefaultConfig(ServerConstants.WSO2WSAS_HB_CONFIG_KEY));
public ServiceAdmin() {
}
Modified: wsas/java/trunk/modules/core/conf/hibernate/wso2wsas.hbm.xml
==============================================================================
--- wsas/java/trunk/modules/core/conf/hibernate/wso2wsas.hbm.xml (original)
+++ wsas/java/trunk/modules/core/conf/hibernate/wso2wsas.hbm.xml Sun Feb 4 20:45:37 2007
@@ -296,6 +296,10 @@
<property name="username" column="c_username" not-null="true" unique="true"/>
<property name="password" column="c_password" not-null="true"/>
<property name="description" column="c_user_description" not-null="false"/>
+ <property name="lastLoggedIn" column="c_last_logged_in" not-null="false"/>
+ <property name="lastLoginIP" column="c_last_login_ip" not-null="false"/>
+ <property name="lastFailedLoginIP" column="c_last_failed_login_ip" not-null="false"/>
+ <property name="lastFailedLogIn" column="c_failed_login" not-null="false"/>
<set name="roles"
table="user_role_link_t" inverse="false" sort="unsorted" lazy="false">
<key column="c_user_id"/>
Modified: wsas/java/trunk/modules/core/src/org/wso2/wsas/ServerConstants.java
==============================================================================
--- wsas/java/trunk/modules/core/src/org/wso2/wsas/ServerConstants.java (original)
+++ wsas/java/trunk/modules/core/src/org/wso2/wsas/ServerConstants.java Sun Feb 4 20:45:37 2007
@@ -56,7 +56,11 @@
public static final String TRACER_MODULE = "wso2tracer";
public static final String STATISTICS_MODULE = "wso2statistics";
- public static final String LOGGED_IN = "logged.in";
+ public static final String ADMIN_LOGGED_IN = "wso2wsas.admin.logged.in";
+ public static final String LAST_ADMIN_LOGIN_IP = "wso2wsas.admin.login.ip";
+ public static final String LAST_ADMIN_LOGIN_TIME = "wso2wsas.admin.login.time";
+ public static final String LAST_FAILED_ADMIN_LOGIN_TIME = "wso2wsas.admin.login.failure.time";
+ public static final String LAST_FAILED_ADMIN_LOGIN_IP = "wso2wsas.admin.login.failure.ip";
public static final String SERVER_REGISTERED = "wso2wsas.server.registered";
Modified: wsas/java/trunk/modules/core/src/org/wso2/wsas/persistence/dataobject/ServiceUserDO.java
==============================================================================
--- wsas/java/trunk/modules/core/src/org/wso2/wsas/persistence/dataobject/ServiceUserDO.java (original)
+++ wsas/java/trunk/modules/core/src/org/wso2/wsas/persistence/dataobject/ServiceUserDO.java Sun Feb 4 20:45:37 2007
@@ -17,6 +17,7 @@
import java.util.HashSet;
import java.util.Set;
+import java.util.Date;
/**
* Data object representing a user of a service(s) in WSO2 WSAS
@@ -24,6 +25,10 @@
public class ServiceUserDO extends AbstractDataObject {
private String username;
private String password;
+ private Date lastLoggedIn;
+ private String lastLoginIP;
+ private String lastFailedLoginIP;
+ private Date lastFailedLogIn;
private Set services = new HashSet(); // many-many relatioship between services & service users
private Set roles = new HashSet(); // many-to-many relationship between users & roles.
@@ -101,4 +106,36 @@
public void setDescription(String description) {
this.description = description;
}
+
+ public Date getLastLoggedIn() {
+ return lastLoggedIn;
+ }
+
+ public void setLastLoggedIn(Date lastLoggedIn) {
+ this.lastLoggedIn = lastLoggedIn;
+ }
+
+ public Date getLastFailedLogIn() {
+ return lastFailedLogIn;
+ }
+
+ public void setLastFailedLogIn(Date lastFailedLogIn) {
+ this.lastFailedLogIn = lastFailedLogIn;
+ }
+
+ public String getLastLoginIP() {
+ return lastLoginIP;
+ }
+
+ public void setLastLoginIP(String lastLoginIP) {
+ this.lastLoginIP = lastLoginIP;
+ }
+
+ public String getLastFailedLoginIP() {
+ return lastFailedLoginIP;
+ }
+
+ public void setLastFailedLoginIP(String lastFailedLoginIP) {
+ this.lastFailedLoginIP = lastFailedLoginIP;
+ }
}
Modified: wsas/java/trunk/modules/samples/Chad/src/org/wso2/wsas/sample/chad/Chad.java
==============================================================================
--- wsas/java/trunk/modules/samples/Chad/src/org/wso2/wsas/sample/chad/Chad.java (original)
+++ wsas/java/trunk/modules/samples/Chad/src/org/wso2/wsas/sample/chad/Chad.java Sun Feb 4 20:45:37 2007
@@ -22,7 +22,7 @@
import org.wso2.wsas.sample.chad.data.*;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
-import org.apache.axis2.util.UUIDGenerator;
+import org.apache.axiom.om.util.UUIDGenerator;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -178,11 +178,11 @@
AdminUser adminUser = getAdminCmd.getAdminUser();
if (adminUser != null && adminUser.getPassword().equals(password)) {
MessageContext.getCurrentMessageContext().getServiceGroupContext()
- .setProperty(ServerConstants.LOGGED_IN, "true");
+ .setProperty(ServerConstants.ADMIN_LOGGED_IN, "true");
return true;
} else {
MessageContext.getCurrentMessageContext().getServiceGroupContext()
- .setProperty(ServerConstants.LOGGED_IN, "false");
+ .setProperty(ServerConstants.ADMIN_LOGGED_IN, "false");
}
} catch (CommmandExecutionException e) {
log.error("Exception occurred while trying to login", e);
@@ -246,7 +246,7 @@
public synchronized void logout() {
MessageContext.getCurrentMessageContext().getServiceGroupContext()
- .setProperty(ServerConstants.LOGGED_IN, "false");
+ .setProperty(ServerConstants.ADMIN_LOGGED_IN, "false");
}
private void checkAuthentication() throws ChadAuthenticationException {
@@ -257,7 +257,7 @@
private boolean isAuthenticated() {
return "true".equals(MessageContext.getCurrentMessageContext()
- .getServiceGroupContext().getProperty(ServerConstants.LOGGED_IN));
+ .getServiceGroupContext().getProperty(ServerConstants.ADMIN_LOGGED_IN));
}
/**
More information about the Wsas-java-dev
mailing list