Github user sstults commented on a diff in the pull request: https://github.com/apache/lucene-solr/pull/342#discussion_r209098033 --- Diff: solr/core/src/java/org/apache/solr/security/AuditEvent.java --- @@ -0,0 +1,388 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.solr.security; + +import javax.servlet.http.HttpServletRequest; +import java.lang.invoke.MethodHandles; +import java.security.Principal; +import java.util.Date; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.stream.Collectors; + +import org.apache.solr.common.SolrException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import static org.apache.solr.security.AuditEvent.EventType.ANONYMOUS; + +/** + * Audit event that takes request and auth context as input to be able to audit log custom things + */ +public class AuditEvent { + private static final Logger log = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass()); + + private String message; + private Level level; + private Date date; + private String username; + private String session; + private String clientIp; + private List<String> collections; + private Map<String, Object> context; + private HashMap<String, String> headers; + private Map<String, Object> solrParams; + private String solrHost; + private int solrPort; + private String solrIp; + private String resource; + private String httpMethod; + private String queryString; + private EventType eventType; + private AuthorizationResponse autResponse; + private String requestType; + private double QTime = -1; + private int status = 0; + private Throwable exception; + + /* Predefined event types. Custom types can be made through constructor */ + public enum EventType { + AUTHENTICATED("Authenticated", "User successfully authenticated", Level.INFO), + REJECTED("Rejected", "Authentication request rejected", Level.WARN), + ANONYMOUS("Anonymous", "Request proceeds with unknown user", Level.INFO), + ANONYMOUS_REJECTED("AnonymousRejected", "Request from unknown user rejected", Level.WARN), + AUTHORIZED("Authorized", "Authorization succeeded", Level.INFO), + UNAUTHORIZED("Unauthorized", "Authorization failed", Level.WARN), + COMPLETED("Completed", "Request completed", Level.INFO), --- End diff -- Changing COMPLETED to Level.WARN would let loggers log each request once but skip the intermediate INFO-level events. But maybe the level of this particular type should be configurable.
--- --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org