Hi,
I've configured inspektr audits to be stored in a database, in CAS 4.0.
Happens that too many records are stored. More than 7 million in our
deployment, in two months.
I want to configure it in order to store just the AUTHENTICATION_SUCCESS and
AUTHENTICATION_FAILED events. By the way, it would also be great if the
AUD_USER field was populated (always appears as audit:unknown).
I've tried to comment out some parts of the auditTrailContext.xml file
(attached to this post), and it works, but somehow it breaks the flow: the app
no longer redirects to the login succeeded/failed views.
Any help? Thank you!
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to Jasig under one or more contributor license
agreements. See the NOTICE file distributed with this work
for additional information regarding copyright ownership.
Jasig licenses this file to you under the Apache License,
Version 2.0 (the "License"); you may not use this file
except in compliance with the License. You may obtain a
copy of the License at the following location:
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:aop="http://www.springframework.org/schema/aop";
xmlns:p="http://www.springframework.org/schema/p";
xmlns:c="http://www.springframework.org/schema/c";
xmlns:util="http://www.springframework.org/schema/util";
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd";>
<description>
Configuration file for the Inspektr package which handles auditing for Java applications.
If enabled this should be modified to log audit information the same way
your local applications do. The default is currently to log to the console which is good
for debugging/testing purposes.
</description>
<aop:aspectj-autoproxy/>
<bean id="auditTrailManagementAspect" class="com.github.inspektr.audit.AuditTrailManagementAspect"
c:applicationCode="CAS" c:auditablePrincipalResolver-ref="auditablePrincipalResolver"
c:auditTrailManagers-ref="auditTrailManager" c:auditActionResolverMap-ref="auditActionResolverMap"
c:auditResourceResolverMap-ref="auditResourceResolverMap" />
<util:map id="auditActionResolverMap">
<entry key="AUTHENTICATION_RESOLVER">
<ref local="authenticationActionResolver" />
</entry>
<!-- <entry key="CREATE_TICKET_GRANTING_TICKET_RESOLVER"> -->
<!-- <ref local="ticketCreationActionResolver" /> -->
<!-- </entry> -->
<!-- <entry key="DESTROY_TICKET_GRANTING_TICKET_RESOLVER"> -->
<!-- <bean class="com.github.inspektr.audit.spi.support.DefaultAuditActionResolver" /> -->
<!-- </entry> -->
<!-- <entry key="GRANT_SERVICE_TICKET_RESOLVER"> -->
<!-- <ref local="ticketCreationActionResolver" /> -->
<!-- </entry> -->
<!-- <entry key="GRANT_PROXY_GRANTING_TICKET_RESOLVER"> -->
<!-- <ref local="ticketCreationActionResolver" /> -->
<!-- </entry> -->
<!-- <entry key="VALIDATE_SERVICE_TICKET_RESOLVER"> -->
<!-- <ref local="ticketValidationActionResolver" /> -->
<!-- </entry> -->
</util:map>
<util:map id="auditResourceResolverMap">
<entry key="AUTHENTICATION_RESOURCE_RESOLVER">
<bean class="org.jasig.cas.audit.spi.CredentialsAsFirstParameterResourceResolver" />
</entry>
<!-- <entry key="CREATE_TICKET_GRANTING_TICKET_RESOURCE_RESOLVER"> -->
<!-- <ref local="returnValueResourceResolver" /> -->
<!-- </entry> -->
<!-- <entry key="DESTROY_TICKET_GRANTING_TICKET_RESOURCE_RESOLVER"> -->
<!-- <ref local="ticketResourceResolver" /> -->
<!-- </entry> -->
<!-- <entry key="GRANT_SERVICE_TICKET_RESOURCE_RESOLVER"> -->
<!-- <bean class="org.jasig.cas.audit.spi.ServiceResourceResolver" /> -->
<!-- </entry> -->
<!-- <entry key="GRANT_PROXY_GRANTING_TICKET_RESOURCE_RESOLVER"> -->
<!-- <ref local="returnValueResourceResolver" /> -->
<!-- </entry> -->
<!-- <entry key="VALIDATE_SERVICE_TICKET_RESOURCE_RESOLVER"> -->
<!-- <ref local="ticketResourceResolver" /> -->
<!-- </entry> -->
</util:map>
<bean id="auditablePrincipalResolver" class="org.jasig.cas.audit.spi.TicketOrCredentialPrincipalResolver"
c:ticketRegistry-ref="ticketRegistry" />
<bean id="authenticationActionResolver"
class="com.github.inspektr.audit.spi.support.DefaultAuditActionResolver"
c:successSuffix="_SUCCESS" c:failureSuffix="_FAILED" />
<!-- <bean id="ticketCreationActionResolver" -->
<!-- class="com.github.inspektr.audit.spi.support.DefaultAuditActionResolver" -->
<!-- c:successSuffix="_CREATED" c:failureSuffix="_NOT_CREATED" /> -->
<!-- <bean id="ticketValidationActionResolver" -->
<!-- class="com.github.inspektr.audit.spi.support.DefaultAuditActionResolver" -->
<!-- c:successSuffix="D" c:failureSuffix="_FAILED" /> -->
<!-- <bean id="returnValueResourceResolver" -->
<!-- class="com.github.inspektr.audit.spi.support.ReturnValueAsStringResourceResolver" /> -->
<!-- <bean id="ticketResourceResolver" -->
<!-- class="org.jasig.cas.audit.spi.TicketAsFirstParameterResourceResolver" /> -->
<!-- Additional config in order to store audits in a database -->
<bean id="inspektrTransactionManager"
class="org.springframework.jdbc.datasource.DataSourceTransactionManager"
p:dataSource-ref="dataSource"
/>
<bean id="inspektrTransactionTemplate"
class="org.springframework.transaction.support.TransactionTemplate"
p:transactionManager-ref="inspektrTransactionManager"
p:isolationLevelName="ISOLATION_READ_COMMITTED"
p:propagationBehaviorName="PROPAGATION_REQUIRED"
/>
<bean id="auditManager" class="com.github.inspektr.audit.support.JdbcAuditTrailManager">
<constructor-arg index="0" ref="inspektrTransactionTemplate" />
<property name="dataSource" ref="dataSource" />
</bean>
</beans>
