gmane.comp.cms.nuxeo.general

Authentication audit

            Hi all,

    I've found an interesting contribution to the audit service in 
authentication-audit-contrib.xml :

    <extension
        target="org.nuxeo.ecm.platform.audit.service.NXAuditEventsService"
        point="event">
        <event name="loginSuccess" />
        <event name="loginFailed" />
        <event name="logout" />
    </extension>

    Is there also a page where one can consult these logs ?

Cheers,
Narcis Paslaru

headers

Tiry | 7 May 11:25

Re: Authentication audit

Narcis Paslaru a écrit :
>            Hi all,
>
>    I've found an interesting contribution to the audit service in 
> authentication-audit-contrib.xml :
>
>    <extension
>        target="org.nuxeo.ecm.platform.audit.service.NXAuditEventsService"
>        point="event">
>        <event name="loginSuccess" />
>        <event name="loginFailed" />
>        <event name="logout" />
>    </extension>
>
>    Is there also a page where one can consult these logs ?
Nope, in the defaut webapp, only the logs associated to documents are 
visible.
But you can use Audit API to fetch these logs and disply them in a xhtml 
page.

>
> Cheers,
> Narcis Paslaru
> _______________________________________________
> ECM mailing list
> ECM@...
> http://lists.nuxeo.com/mailman/listinfo/ecm
>

headers

Narcis Paslaru | 7 May 11:35

Re: Authentication audit

Tiry wrote:
> Narcis Paslaru a écrit :
>>            Hi all,
>>
>>    I've found an interesting contribution to the audit service in 
>> authentication-audit-contrib.xml :
>>
>>    <extension
>>        
>> target="org.nuxeo.ecm.platform.audit.service.NXAuditEventsService"
>>        point="event">
>>        <event name="loginSuccess" />
>>        <event name="loginFailed" />
>>        <event name="logout" />
>>    </extension>
>>
>>    Is there also a page where one can consult these logs ?
> Nope, in the defaut webapp, only the logs associated to documents are 
> visible.
> But you can use Audit API to fetch these logs and disply them in a 
> xhtml page.
>
Cool, thanks !
>>
>> Cheers,
>> Narcis Paslaru
>> _______________________________________________
>> ECM mailing list
>> ECM@...
>> http://lists.nuxeo.com/mailman/listinfo/ecm

(Continue reading)

headers

Narcis Paslaru | 12 May 11:17

Re: Authentication audit

Hello Tiry,

Tiry wrote:

Narcis Paslaru a écrit :
           Hi all,

   I've found an interesting contribution to the audit service in authentication-audit-contrib.xml :

   <extension
       target="org.nuxeo.ecm.platform.audit.service.NXAuditEventsService"
       point="event">
       <event name="loginSuccess" />
       <event name="loginFailed" />
       <event name="logout" />
   </extension>

   Is there also a page where one can consult these logs ?

Nope, in the defaut webapp, only the logs associated to documents are visible.
But you can use Audit API to fetch these logs and disply them in a xhtml page.

I've developed the page, but it seems that there is a problem in the service implementation.
There are methods for retrieving events that are bounded to documents, and another method that only selects events, given an array of id's. Well, at least this is what the javadoc says.
There seams to be a problem implementing the IN operator in the query and it fails to list the needed events.

Do you plan to fix this soon, or do you know a workaround for this problem ?

Thanks a lot,
Narcis

PS : Here is the method I'm reffering to :

    <at> SuppressWarnings("unchecked")
    public List<LogEntry> queryLogs(String[] eventIds, String dateRange)
            throws AuditException {

        // :FIXME: This is not working remotelty since the LogEntryImpl returned
        // is not within the api package.

        if (eventIds == null || eventIds.length == 0) {
            throw new AuditException("You must give a not null eventId");
        }
        log.debug("queryLogs() whereClause=" + eventIds);
        Class<LogEntry> klass = getLogEntryClass();

        List<LogEntry> results = new ArrayList<LogEntry>();

        Date limit = null;
        try {
            limit = DateRangeParser.parseDateRangeQuery(new Date(), dateRange);
        } catch (AuditQueryException aqe) {
            throw new AuditException("Wrong date range query. Query was "
                    + dateRange, aqe);
        }

        // :FIXME: Can't append to find the damned right syntax to build a
        // dynamic list for the IN statement.
        for (String eventId : eventIds) {
            Query query = em.createQuery("from "
                    + klass.getSimpleName()
                    + " log where log.eventId=:eventId" // :FIXME:
                    + " AND log.eventDate >= :date"
                    + " ORDER BY log.eventDate DESC");
            query.setParameter("eventId", eventId);
            query.setParameter("date", limit);

            results.addAll(query.getResultList());
        }

        List<LogEntry> returned = new ArrayList<LogEntry>();
        for (LogEntry entry : results) {
            returned.add(getLogEntryFactory().createLogEntryBase(entry));
        }

        return returned;
    }

Cheers,
Narcis Paslaru
_______________________________________________
ECM mailing list
ECM-FQDHc1wsLCVb90+sfpvX0g@public.gmane.org
http://lists.nuxeo.com/mailman/listinfo/ecm

_______________________________________________
ECM mailing list
ECM@...
http://lists.nuxeo.com/mailman/listinfo/ecm

headers

Tiry | 12 May 15:37

Re: Authentication audit

I am working on this Narcis : making Audit API cleaner and more usefull.

Tiry

Narcis Paslaru a écrit :
> Hello Tiry,
>
> Tiry wrote:
>> Narcis Paslaru a écrit :
>>>            Hi all,
>>>
>>>    I've found an interesting contribution to the audit service in 
>>> authentication-audit-contrib.xml :
>>>
>>>    <extension
>>>        
>>> target="org.nuxeo.ecm.platform.audit.service.NXAuditEventsService"
>>>        point="event">
>>>        <event name="loginSuccess" />
>>>        <event name="loginFailed" />
>>>        <event name="logout" />
>>>    </extension>
>>>
>>>    Is there also a page where one can consult these logs ?
>> Nope, in the defaut webapp, only the logs associated to documents are 
>> visible.
>> But you can use Audit API to fetch these logs and disply them in a 
>> xhtml page.
>>
> I've developed the page, but it seems that there is a problem in the 
> service implementation.
> There are methods for retrieving events that are bounded to documents, 
> and another method that only selects events, given an array of id's. 
> Well, at least this is what the javadoc says.
> There seams to be a problem implementing the IN operator in the query 
> and it fails to list the needed events.
>
> Do you plan to fix this soon, or do you know a workaround for this 
> problem ?
>
> Thanks a lot,
> Narcis
>
> PS : Here is the method I'm reffering to :
>
>     @SuppressWarnings("unchecked")
>     public List<LogEntry> *queryLogs*(String[] eventIds, String dateRange)
>             throws AuditException {
>
>         *// :FIXME: This is not working remotelty since the 
> LogEntryImpl returned
>         // is not within the api package.*
>
>         if (eventIds == null || eventIds.length == 0) {
>             throw new AuditException("You must give a not null eventId");
>         }
>         log.debug("queryLogs() whereClause=" + eventIds);
>         Class<LogEntry> klass = getLogEntryClass();
>
>         List<LogEntry> results = new ArrayList<LogEntry>();
>
>         Date limit = null;
>         try {
>             limit = DateRangeParser.parseDateRangeQuery(new Date(), 
> dateRange);
>         } catch (AuditQueryException aqe) {
>             throw new AuditException("Wrong date range query. Query was "
>                     + dateRange, aqe);
>         }
>
>         *// :FIXME: Can't append to find the damned right syntax to 
> build a
>         // dynamic list for the IN statement.*
>         for (String eventId : eventIds) {
>             Query query = em.createQuery("from "
>                     + klass.getSimpleName()
>                     *+ " log where log.eventId=:eventId" // :FIXME:*
>                     + " AND log.eventDate >= :date"
>                     + " ORDER BY log.eventDate DESC");
>             query.setParameter("eventId", eventId);
>             query.setParameter("date", limit);
>
>             results.addAll(query.getResultList());
>         }
>
>         List<LogEntry> returned = new ArrayList<LogEntry>();
>         for (LogEntry entry : results) {
>             returned.add(getLogEntryFactory().createLogEntryBase(entry));
>         }
>
>         return returned;
>     }
>
>
>>>
>>> Cheers,
>>> Narcis Paslaru
>>> _______________________________________________
>>> ECM mailing list
>>> ECM@...
>>> http://lists.nuxeo.com/mailman/listinfo/ecm
>>>
>>
>>
>

headers

Narcis Paslaru | 12 May 16:17

Re: Authentication audit

Hi again,

Apearently I was using it the wrong way. I've put the eventIds, but null 
for the dateRange.
And it searches for events that happened only after the search is done, 
so that's why it doensn't find any.
Can you give me some pointers on what to put in the dateRange parameter, 
so I would get all the events for the last week for example.
Anyway, it would be very nice if we could search more in detail, like 
between certain dates, or all the events that were triggered by a 
certain user.

Thanks a lot,
Narcis

Tiry wrote:
> I am working on this Narcis : making Audit API cleaner and more usefull.
>
>
> Tiry
>
> Narcis Paslaru a écrit :
>> Hello Tiry,
>>
>> Tiry wrote:
>>> Narcis Paslaru a écrit :
>>>>            Hi all,
>>>>
>>>>    I've found an interesting contribution to the audit service in 
>>>> authentication-audit-contrib.xml :
>>>>
>>>>    <extension
>>>>        
>>>> target="org.nuxeo.ecm.platform.audit.service.NXAuditEventsService"
>>>>        point="event">
>>>>        <event name="loginSuccess" />
>>>>        <event name="loginFailed" />
>>>>        <event name="logout" />
>>>>    </extension>
>>>>
>>>>    Is there also a page where one can consult these logs ?
>>> Nope, in the defaut webapp, only the logs associated to documents 
>>> are visible.
>>> But you can use Audit API to fetch these logs and disply them in a 
>>> xhtml page.
>>>
>> I've developed the page, but it seems that there is a problem in the 
>> service implementation.
>> There are methods for retrieving events that are bounded to 
>> documents, and another method that only selects events, given an 
>> array of id's. Well, at least this is what the javadoc says.
>> There seams to be a problem implementing the IN operator in the query 
>> and it fails to list the needed events.
>>
>> Do you plan to fix this soon, or do you know a workaround for this 
>> problem ?
>>
>> Thanks a lot,
>> Narcis
>>
>> PS : Here is the method I'm reffering to :
>>
>>     @SuppressWarnings("unchecked")
>>     public List<LogEntry> *queryLogs*(String[] eventIds, String 
>> dateRange)
>>             throws AuditException {
>>
>>         *// :FIXME: This is not working remotelty since the 
>> LogEntryImpl returned
>>         // is not within the api package.*
>>
>>         if (eventIds == null || eventIds.length == 0) {
>>             throw new AuditException("You must give a not null 
>> eventId");
>>         }
>>         log.debug("queryLogs() whereClause=" + eventIds);
>>         Class<LogEntry> klass = getLogEntryClass();
>>
>>         List<LogEntry> results = new ArrayList<LogEntry>();
>>
>>         Date limit = null;
>>         try {
>>             limit = DateRangeParser.parseDateRangeQuery(new Date(), 
>> dateRange);
>>         } catch (AuditQueryException aqe) {
>>             throw new AuditException("Wrong date range query. Query 
>> was "
>>                     + dateRange, aqe);
>>         }
>>
>>         *// :FIXME: Can't append to find the damned right syntax to 
>> build a
>>         // dynamic list for the IN statement.*
>>         for (String eventId : eventIds) {
>>             Query query = em.createQuery("from "
>>                     + klass.getSimpleName()
>>                     *+ " log where log.eventId=:eventId" // :FIXME:*
>>                     + " AND log.eventDate >= :date"
>>                     + " ORDER BY log.eventDate DESC");
>>             query.setParameter("eventId", eventId);
>>             query.setParameter("date", limit);
>>
>>             results.addAll(query.getResultList());
>>         }
>>
>>         List<LogEntry> returned = new ArrayList<LogEntry>();
>>         for (LogEntry entry : results) {
>>             
>> returned.add(getLogEntryFactory().createLogEntryBase(entry));
>>         }
>>
>>         return returned;
>>     }
>>
>>
>>>>
>>>> Cheers,
>>>> Narcis Paslaru
>>>> _______________________________________________
>>>> ECM mailing list
>>>> ECM@...
>>>> http://lists.nuxeo.com/mailman/listinfo/ecm
>>>>
>>>
>>>
>>
>
>

headers

Tiry | 12 May 23:37

Re: Authentication audit

Hi,

Format is xxmyyh
where :
 - xx is the number of minutes
 - yy is the number of hours

Tiry

Narcis Paslaru a écrit :
> Hi again,
>
> Apearently I was using it the wrong way. I've put the eventIds, but 
> null for the dateRange.
> And it searches for events that happened only after the search is 
> done, so that's why it doensn't find any.
> Can you give me some pointers on what to put in the dateRange 
> parameter, so I would get all the events for the last week for example.
> Anyway, it would be very nice if we could search more in detail, like 
> between certain dates, or all the events that were triggered by a 
> certain user.
>
> Thanks a lot,
> Narcis
>
>
>
> Tiry wrote:
>> I am working on this Narcis : making Audit API cleaner and more usefull.
>>
>>
>> Tiry
>>
>> Narcis Paslaru a écrit :
>>> Hello Tiry,
>>>
>>> Tiry wrote:
>>>> Narcis Paslaru a écrit :
>>>>>            Hi all,
>>>>>
>>>>>    I've found an interesting contribution to the audit service in 
>>>>> authentication-audit-contrib.xml :
>>>>>
>>>>>    <extension
>>>>>        
>>>>> target="org.nuxeo.ecm.platform.audit.service.NXAuditEventsService"
>>>>>        point="event">
>>>>>        <event name="loginSuccess" />
>>>>>        <event name="loginFailed" />
>>>>>        <event name="logout" />
>>>>>    </extension>
>>>>>
>>>>>    Is there also a page where one can consult these logs ?
>>>> Nope, in the defaut webapp, only the logs associated to documents 
>>>> are visible.
>>>> But you can use Audit API to fetch these logs and disply them in a 
>>>> xhtml page.
>>>>
>>> I've developed the page, but it seems that there is a problem in the 
>>> service implementation.
>>> There are methods for retrieving events that are bounded to 
>>> documents, and another method that only selects events, given an 
>>> array of id's. Well, at least this is what the javadoc says.
>>> There seams to be a problem implementing the IN operator in the 
>>> query and it fails to list the needed events.
>>>
>>> Do you plan to fix this soon, or do you know a workaround for this 
>>> problem ?
>>>
>>> Thanks a lot,
>>> Narcis
>>>
>>> PS : Here is the method I'm reffering to :
>>>
>>>     @SuppressWarnings("unchecked")
>>>     public List<LogEntry> *queryLogs*(String[] eventIds, String 
>>> dateRange)
>>>             throws AuditException {
>>>
>>>         *// :FIXME: This is not working remotelty since the 
>>> LogEntryImpl returned
>>>         // is not within the api package.*
>>>
>>>         if (eventIds == null || eventIds.length == 0) {
>>>             throw new AuditException("You must give a not null 
>>> eventId");
>>>         }
>>>         log.debug("queryLogs() whereClause=" + eventIds);
>>>         Class<LogEntry> klass = getLogEntryClass();
>>>
>>>         List<LogEntry> results = new ArrayList<LogEntry>();
>>>
>>>         Date limit = null;
>>>         try {
>>>             limit = DateRangeParser.parseDateRangeQuery(new Date(), 
>>> dateRange);
>>>         } catch (AuditQueryException aqe) {
>>>             throw new AuditException("Wrong date range query. Query 
>>> was "
>>>                     + dateRange, aqe);
>>>         }
>>>
>>>         *// :FIXME: Can't append to find the damned right syntax to 
>>> build a
>>>         // dynamic list for the IN statement.*
>>>         for (String eventId : eventIds) {
>>>             Query query = em.createQuery("from "
>>>                     + klass.getSimpleName()
>>>                     *+ " log where log.eventId=:eventId" // :FIXME:*
>>>                     + " AND log.eventDate >= :date"
>>>                     + " ORDER BY log.eventDate DESC");
>>>             query.setParameter("eventId", eventId);
>>>             query.setParameter("date", limit);
>>>
>>>             results.addAll(query.getResultList());
>>>         }
>>>
>>>         List<LogEntry> returned = new ArrayList<LogEntry>();
>>>         for (LogEntry entry : results) {
>>>             
>>> returned.add(getLogEntryFactory().createLogEntryBase(entry));
>>>         }
>>>
>>>         return returned;
>>>     }
>>>
>>>
>>>>>
>>>>> Cheers,
>>>>> Narcis Paslaru
>>>>> _______________________________________________
>>>>> ECM mailing list
>>>>> ECM@...
>>>>> http://lists.nuxeo.com/mailman/listinfo/ecm
>>>>>
>>>>
>>>>
>>>
>>
>>
>
>