locallogsessionbean.java

JAVA做的J2EE下CA认证系统 基于EJB开发

    /**
     * Overloaded function that also logs an exception
     * See function above for more documentation.
     *
     * @param exception the exception that has occured
     *
     * @ejb.interface-method view-type="both"
     * @ejb.transaction type="RequiresNew"
     *
     */
    public void log(Admin admin, int caid, int module, Date time, String username, X509Certificate certificate, int event, String comment, Exception exception) {
        doLog(admin, caid, module, time, username, certificate, event, comment, exception);
    }

    /**
     * Same as above but with the difference of CAid which is taken from the issuerdn of given certificate.
     *
     * @ejb.interface-method view-type="both"
     * @ejb.transaction type="RequiresNew"
     */
    public void log(Admin admin, X509Certificate caid, int module, Date time, String username, X509Certificate certificate, int event, String comment, Exception exception) {
        log(admin, CertTools.getIssuerDN(caid).hashCode(), module, time, username, certificate, event, comment, exception);
    } // log


    /**
     * Internal implementation for loggin
     */
    private void doLog(Admin admin, int caid, int module, Date time, String username, X509Certificate certificate, int event, String comment, Exception ex) {
        final LogConfiguration config = loadLogConfiguration(caid);
        if (config.logEvent(event)) {
            try {
                if (config.useLogDB()) {
                    logDB(admin, caid, module, time, username, certificate, event, comment);
                }
            } finally {
                // make sure to log here if the db fails
                if (config.useExternalLogDevices()) {
                    logExternal(admin, caid, module, time, username, certificate, event, comment, ex);
                }
            }
        }
    }

    /**
     * Make use of the external loggers
     */
    private void logExternal(Admin admin, int caid, int module, Date time, String username, X509Certificate certificate, int event, String comment, Exception ex) {
        Iterator i = logdevices.iterator();
        while (i.hasNext()) {
            ILogDevice dev = (ILogDevice) i.next();
            dev.log(admin, caid, module, time, username, certificate, event, comment, ex);
        }
    }

    /**
     * Log everything in the database using the log entity bean
     */
    private void logDB(Admin admin, int caid, int module, Date time, String username, X509Certificate certificate, int event, String comment)
            throws EJBException {
        try {
            String uid = certificate == null ? null : certificate.getSerialNumber().toString(16) + "," + certificate.getIssuerDN().toString();
            Integer id = getAndIncrementRowCount();
            logentryhome.create(id, admin.getAdminType(), admin.getAdminData(), caid, module, time, username, uid, event, comment);
        } catch (DuplicateKeyException e) {
            // FIXME we are losing a db audit entry in this case, what do we do ?
            getAndIncrementRowCount();
        } catch (CreateException e) {
            throw new EJBException(e);
        }
    }


    /**
     * Method to execute a customized query on the log db data. The parameter query should be a legal Query object.
     *
     * @param query a number of statments compiled by query class to a SQL 'WHERE'-clause statment.
     * @param viewlogprivileges is a sql query string returned by a LogAuthorization object.
     * @return a collection of LogEntry. Maximum size of Collection is defined i ILogSessionRemote.MAXIMUM_QUERY_ROWCOUNT
     * @throws IllegalQueryException when query parameters internal rules isn't fullfilled.
     * @see se.anatom.ejbca.util.query.Query
     *
     * @ejb.interface-method view-type="both"
     * @ejb.transaction type="Supports"
     *
     */
    public Collection query(Query query, String viewlogprivileges, String capriviledges) throws IllegalQueryException {
        debug(">query()");
        if (capriviledges == null || capriviledges.length() == 0 || !query.isLegalQuery()) {
            throw new IllegalQueryException();
        }

        Connection con = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        try {
            // Construct SQL query.
            con = JDBCUtil.getDBConnection(JNDINames.DATASOURCE);
            // Different column names is an unforturnalte workaround because of Orcale, you cannot have a column named 'comment' in Oracle.
            // The workaround 'comment_' was spread in the wild in 2005, so we have to use it so far.
            String commentCol = LOGENTRYDATA_COL_COMMENT_OLD;
            if (!JDBCUtil.columnExists(con, LOGENTRYDATA_TABLE, LOGENTRYDATA_COL_COMMENT_OLD)) {
                log.debug("Using oracle column name 'comment_' in LogEntryData.");
                commentCol = LOGENTRYDATA_COL_COMMENT_ORA;
            }
            String sql = "select "+LOGENTRYDATA_COL+", "+commentCol+" from "+LOGENTRYDATA_TABLE+" where ( "
                    + query.getQueryString() + ") and (" + capriviledges + ")";
            if (StringUtils.isNotEmpty(viewlogprivileges)) {
                sql += " and (" + viewlogprivileges + ")";
            }
            ps = con.prepareStatement(sql);
            //ps.setFetchDirection(ResultSet.FETCH_REVERSE);
            ps.setFetchSize(LogConstants.MAXIMUM_QUERY_ROWCOUNT + 1);
            // Execute query.
            rs = ps.executeQuery();
            // Assemble result.
            ArrayList returnval = new ArrayList();
            while (rs.next() && returnval.size() <= LogConstants.MAXIMUM_QUERY_ROWCOUNT) {
                LogEntry data = new LogEntry(rs.getInt(1), rs.getString(2), rs.getInt(3), rs.getInt(4), new Date(rs.getLong(5)), rs.getString(6), rs.getString(7)
                        , rs.getInt(8), rs.getString(9));
                returnval.add(data);
            }
            return returnval;

        } catch (Exception e) {
            throw new EJBException(e);
        } finally {
            JDBCUtil.close(con, ps, rs);
        }
    } // query

    /**
     * Loads the log configuration from the database.
     *
     * @return the logconfiguration
     *
     * @ejb.interface-method view-type="both"
     * @ejb.transaction type="Supports"
     *
     */
    public LogConfiguration loadLogConfiguration(int caid) {
        // Check if log configuration exists, else create one.
        LogConfiguration logconfiguration = null;
        LogConfigurationDataLocal logconfigdata = null;
        try {
            logconfigdata = logconfigurationhome.findByPrimaryKey(new Integer(caid));
            logconfiguration = logconfigdata.loadLogConfiguration();
        } catch (FinderException e) {
            try {
                logconfiguration = new LogConfiguration();
                logconfigdata = logconfigurationhome.create(new Integer(caid), logconfiguration);
            } catch (CreateException f) {
                throw new EJBException(f);
            }
        }

        return logconfiguration;
    } // loadLogConfiguration

    /**
     * Saves the log configuration to the database.
     *
     * @param logconfiguration the logconfiguration to save.
     *
     * @ejb.interface-method view-type="both"
     * @ejb.transaction type="Required"
     *
     */
    public void saveLogConfiguration(Admin admin, int caid, LogConfiguration logconfiguration) {
        try {
            try {
                (logconfigurationhome.findByPrimaryKey(new Integer(caid))).saveLogConfiguration(logconfiguration);
                log(admin, caid, LogEntry.MODULE_LOG, new Date(), null, null, LogEntry.EVENT_INFO_EDITLOGCONFIGURATION, "");
            } catch (FinderException e) {
                logconfigurationhome.create(new Integer(caid), logconfiguration);
                log(admin, caid, LogEntry.MODULE_LOG, new Date(), null, null, LogEntry.EVENT_INFO_EDITLOGCONFIGURATION, "");
            }
        } catch (Exception e) {
            log(admin, caid, LogEntry.MODULE_LOG, new Date(), null, null, LogEntry.EVENT_ERROR_EDITLOGCONFIGURATION, "");
            throw new EJBException(e);
        }
    } // saveLogConfiguration


    private Integer getAndIncrementRowCount() {
        if (this.logconfigurationdata == null) {
            try {
                logconfigurationdata = logconfigurationhome.findByPrimaryKey(new Integer(0));
            } catch (FinderException e) {
                try {
                    LogConfiguration logconfiguration = new LogConfiguration();
                    this.logconfigurationdata = logconfigurationhome.create(new Integer(0), logconfiguration);
                } catch (CreateException f) {
                    throw new EJBException(f);
                }
            }
        }

        return this.logconfigurationdata.getAndIncrementRowCount();
    }

} // LocalLogSessionBean