cas⼊门之⼗⼋:cas审计⽇志Inspektr(上) cas 的审记⽇志⽤到了Inspektr。Inspektr是什么呢?带着这个问题,查了它的官⽹le/p/inspektr/ 现在源代码移到了github/dima767/inspektr,代码结构并且进⾏了重构。
简⽽⾔之Inspektr就是⼀个很⼩的⽆侵⼊的审计⽇志jar包。它对于spring所托管的bean可以从如何⼏个⽅⾯去捕获记录系统运⾏时的信息: The WHO: who performed an action being audited. ⽤户名字
The WHAT: what system resource being targeted by this audited action 被审记动作所涉及到的系统资源
The ACTION: what audited action is being performed 被执⾏的动作名字
The APPLICATION_CODE: an arbitrary string token identifying application running an audited action 服务器所运⾏的应⽤名字 The WHEN: a timestamp of an audited action 被审记动作发⽣的时间点
The CLIENT_IP: an IP address of the client invoking an audited action 客户端的ip
The SERVER_IP: an IP address of the server running an audited action 服务器的ip
这个不是很好理解, 但是对于cas在后台我们能看到如下的⽇志信息:
2014-07-06 13:50:49,892 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN
=============================================================
日志审计WHO: [username: test]
WHAT: TGT-188644-45bCO36lTf0pMGywb0sk4zOglGascrPZhsuHF5cGbRLPsuWRTN-localhost
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Sun Jul 06 13:50:49 CST 2014
CLIENT IP ADDRESS: 192.168.0.110
SERVER IP ADDRESS: 192.168.0.110
=============================================================
Inspektr的框架很简单,它涉到了3个主要的类:
AuditActionContext:审计信息的聚集地,即所有审记的信息,都在这个类中;
AuditTrailManager: 审计数据中⼼接⼝;
AuditTrailManagementAspect: 审计点的配置
另外对于主要的组件类,Inspektr定义了如下插件式的策略接⼝来解决WHO, WHAT, ACTION, CLIENT_IP 及 SERVER_IP 审记数据: PrincipalResolver: WHO解析器,即解析出WHO
AuditResourceResolver: WHAT解析器,即解析出WHAT
AuditActionResolver: ACTION解析器
ClientInfoResolver: CLIENT_IP 与 SERVER_IP解析器
Audit , Audits: ⽅法注解,⽤于标识审计点.
在默认情况部下,Inspektr提供了如下的实现类:
ConsoleAuditTrailManager:将审计信息输出到控制台; Slf4jLoggingAuditTrailManager:将审计信息输出到系统所⽤的⽇志框架中;
JdbcAuditTrailManager:将审计信息输出到数据库。
Inspektr的配置步骤很简单:
1.通过spring的aop⾃动代理或者aspectj的织⼊功能⾃动载⼊AuditTrailManagementAspect
2.要l中配置com.github.inspektrmon.web.ClientInfoThreadLocalFilter
3.配置 AuditTrailManagers,所有的解析器都包装在AuditTrailManagementAspect中;
4.定义审计点.
豫公网安备41160202000603
站长QQ:729038198
关于我们
投诉建议