Skip to main content

Custom Audit Module in Glassfish 3.0.2

No replies
alyai
Offline
Joined: 2012-12-08
Points: 0

I need to configure custom Audit Module in Glassfish. I've tried to configure it according to Glassfish security guide, in particular THIS guide:

Developing a new auditing module is as easy as extending com.sun.appserv.security.AuditModule, which is an abstract class, and overriding methods that handle different security events in a way that suits our needs. The following snippet shows methods that we can override to treat security events the way we need.
public abstract class AuditModule {
       Properties props = null;
       public void init(Properties props) {
           this.props = props;
       }
       public void authentication(String user, String realm,
         boolean success) {    }
       public void webInvocation(String user, HttpServletRequest req,
         String type, boolean success) {    }
       public void ejbInvocation(String user, String ejb, String method,
         boolean success) {    }
       public void webServiceInvocation(String uri, String endpoint,
         boolean success) {    }
       public void ejbAsWebServiceInvocation(String endpoint,
         boolean success) {    }
       public void serverStarted() {    }
       public void serverShutdown() {    }
   }

For example, we need to get notified when container-managed authentication fails three times in a row. We can override the authentication method and send a notification e-mail in the case that we have three failed authentications in matter of five minutes or so. After we develop the auditing module, which can be as small as a single class or as large as a complete library involving data access, JDBC, JavaMail, and so on, we should put related JAR files in the application server, such as inside the domain_dir/ lib directory or by extending the classpath variable from Administration Console at Application Server | JVM Settings | Path Settings After that we can add the module to the set of application server auditing modules. The process is straightforward using the asadmin utility of the Administration Console. For example:
asadmin create-audit-module --classname
glassfish.book.security.chapter4.SampleAuditModule --property
datasourceName=auditSource SampleAuditor

Securing GlassFish Environment The above command will add an auditing module named SampleAuditor based on an auditing module implementation named book.glassfish.security. chapter4.SampleAuditModule. We can pass as many initialization properties as required using the standard asadmin format. These properties form the props object that we can access inside the init method. After we create the new auditing module we should add it to the set of registered auditing modules which receive the security notifications using the asadmin or Administration Console. Registering the auditing module using the asadmin is as simple as executing the following command:
asadmin set server-config.security-service.audit_modules=default,SampleAuditor
Now we have our auditing installed and activated. We only need to restart the server to make the changes effective.

I've done all steps, created MyAudit class that extends com.sun.appserv.security.AuditModule - like that:

package org.company.audit;

import com.sun.appserv.security.AuditModule;
import java.util.Properties;
import javax.servlet.http.HttpServletRequest;

public abstract class MyAudit extends AuditModule{
protected Properties props = null;

    /**
     * Method is invoked at server startup, during AuditModule initialization.
     * If method returns without any exception then S1AS assumes that the module
     * is ready to serve any requests.
     * @param props the properties for the AuditModule. These properties are
     * defined in the domain.xml
     */
    @Override
    public void init(Properties props) {
        this.props = props;
    }

    /**
     * Invoked post authentication request for a user in a given realm
     * @param user username for whom the authentication request was made
     * @param realm the realm name under which the user is authenticated.
     * @param success the status of the authentication
     */

    @Override
    public void authentication(String user, String realm, boolean success) {
    }

    /**
     * Invoked post web authorization request.
     * @param user the username for whom the authorization was performed
     * @param req the HttpRequest object for the web request
     * @param type the permission type, hasUserDataPermission
     * or hasResourcePermission.
     * @param success the status of the web authorization request
     */

    @Override
    public void webInvocation(String user, HttpServletRequest req,
            String type, boolean success) {
    }
    /**
     * Invoked post ejb authorization request.
     * @param user the username for whom the authorization was performed
     * @param ejb the ejb name for which this authorization was performed
     * @param method the method name for which this authorization was performed
     * @param success the status of the ejb authorization request
     */

    @Override
    public void ejbInvocation(String user, String ejb, String method, boolean success) {
    }

    /**
     * Invoked during validation of the web service request
     * @param uri The URL representation of the web service endpoint
     * @param endpoint The name of the endpoint representation
     * @param success the status of the web service request validation
     */

    @Override
    public void webServiceInvocation(String uri, String endpoint, boolean success) {
    }

    /**
     * Invoked during validation of the web service request
     * @param endpoint The representation of the web service endpoint
     * @param success the status of the web service request validation
     */

    @Override
    public void ejbAsWebServiceInvocation(String endpoint, boolean success) {
    }

    /**
     * Invoked upon completion of the server startup
     */

    @Override
    public void serverStarted() {
    }

    /**
     * Invoked upon completion of the server shutdown
     */

    @Override
    public void serverShutdown() {
    }
}

I've copied MyAudit.JAR file into /glassfish/domains/domain1/lib folder. Runned asadmin commands, restarted server and new Audit Module appeared in glassfish admin panel. But I'm recieving exeption and not getting any Audit logs in server.xml:

27T23:18:29.749+0200|WARNING|glassfish3.1.2|javax.enterprise.system.core.security.com.sun.enterprise.security.audit|_ThreadID=1;_ThreadName=Thread-2;|Audit: Cannot load AuditModule = MyAudit
java.lang.InstantiationException
    at sun.reflect.InstantiationExceptionConstructorAccessorImpl.newInstance(InstantiationExceptionConstructorAccessorImpl.java:48)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:525)
    at java.lang.Class.newInstance0(Class.java:372)
    at java.lang.Class.newInstance(Class.java:325)
    at com.sun.enterprise.security.audit.AuditManager.loadAuditModule(AuditManager.java:249)
    at com.sun.enterprise.security.audit.AuditManager.loadAuditModules(AuditManager.java:169)
    at com.sun.enterprise.security.SecurityLifecycle.onInitialization(SecurityLifecycle.java:195)
    at com.sun.enterprise.security.SecurityLifecycle.postConstruct(SecurityLifecycle.java:251)
    at com.sun.hk2.component.AbstractCreatorImpl.inject(AbstractCreatorImpl.java:131)
    at com.sun.hk2.component.ConstructorCreator.initialize(ConstructorCreator.java:91)
    at com.sun.hk2.component.AbstractCreatorImpl.get(AbstractCreatorImpl.java:82)
    at com.sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java:67)
    at com.sun.hk2.component.EventPublishingInhabitant.get(EventPublishingInhabitant.java:139)
    at com.sun.hk2.component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:78)
    at com.sun.enterprise.security.SecuritySniffer.setup(SecuritySniffer.java:109)
    at com.sun.enterprise.v3.server.ContainerStarter.startContainer(ContainerStarter.java:116)
    at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainer(ApplicationLifecycle.java:943)
    at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java:651)
    at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:368)
    at com.sun.enterprise.v3.server.ApplicationLoaderService.processApplication(ApplicationLoaderService.java:375)
    at com.sun.enterprise.v3.server.ApplicationLoaderService.postConstruct(ApplicationLoaderService.java:219)
    at com.sun.hk2.component.AbstractCreatorImpl.inject(AbstractCreatorImpl.java:131)
    at com.sun.hk2.component.ConstructorCreator.initialize(ConstructorCreator.java:91)
    at com.sun.hk2.component.AbstractCreatorImpl.get(AbstractCreatorImpl.java:82)
    at com.sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java:67)
    at com.sun.hk2.component.EventPublishingInhabitant.get(EventPublishingInhabitant.java:139)
    at com.sun.hk2.component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:78)
    at com.sun.enterprise.v3.server.AppServerStartup.run(AppServerStartup.java:253)
    at com.sun.enterprise.v3.server.AppServerStartup.doStart(AppServerStartup.java:145)
    at com.sun.enterprise.v3.server.AppServerStartup.start(AppServerStartup.java:136)
    at com.sun.enterprise.glassfish.bootstrap.GlassFishImpl.start(GlassFishImpl.java:79)
    at com.sun.enterprise.glassfish.bootstrap.GlassFishDecorator.start(GlassFishDecorator.java:63)
    at com.sun.enterprise.glassfish.bootstrap.osgi.OSGiGlassFishImpl.start(OSGiGlassFishImpl.java:69)
    at com.sun.enterprise.glassfish.bootstrap.GlassFishMain$Launcher.launch(GlassFishMain.java:117)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at com.sun.enterprise.glassfish.bootstrap.GlassFishMain.main(GlassFishMain.java:97)
    at com.sun.enterprise.glassfish.bootstrap.ASMain.main(ASMain.java:55)
|#]

Can anyone help to find out what is my mistake?