📄 locallogsessionbean.java
} // log

    /**
     * Overloaded function that also logs an exception.
     * See function above for more documentation.
     *
     * Delegates directly to {@code doLog}, passing the exception through unchanged.
     *
     * @param exception the exception that has occurred
     *
     * @ejb.interface-method view-type="both"
     * @ejb.transaction type="RequiresNew"
     *
     */
    public void log(Admin admin, int caid, int module, Date time, String username, X509Certificate certificate, int event, String comment, Exception exception) {
        doLog(admin, caid, module, time, username, certificate, event, comment, exception);
    }

    /**
     * Same as above but with the difference of CAid which is taken from the issuerdn of given certificate.
     *
     * Note that the parameter named {@code caid} is a certificate here, not a numeric id. The numeric
     * CA id handed to the other overload is {@code hashCode()} of whatever
     * {@code CertTools.getIssuerDN(caid)} returns.
     *
     * @ejb.interface-method view-type="both"
     * @ejb.transaction type="RequiresNew"
     */
    public void log(Admin admin, X509Certificate caid, int module, Date time, String username, X509Certificate certificate, int event, String comment, Exception exception) {
        log(admin, CertTools.getIssuerDN(caid).hashCode(), module, time, username, certificate, event, comment, exception);
    } // log

    /**
     * Internal implementation for logging.
     *
     * Loads the log configuration for {@code caid} on every call and, if the event is enabled,
     * writes it to the database log and/or the external log devices as configured. The method is
     * {@code synchronized}, so calls on the same bean instance are serialized.
     *
     * The exception {@code ex} is forwarded to the external devices only; {@code logDB} has no
     * exception parameter, so the database record does not carry it.
     */
    private synchronized void doLog(Admin admin, int caid, int module, Date time, String username, X509Certificate certificate, int event, String comment, Exception ex) {
        final LogConfiguration config = loadLogConfiguration(caid);
        if (config.logEvent(event)) {
            try {
                if (config.useLogDB()) {
                    logDB(admin, caid, module, time, username, certificate, event, comment);
                }
            } finally {
                // make sure to log here if the db fails
                // (the finally block runs even when logDB lets an exception escape, so the
                // external devices still receive the event)
                if (config.useExternalLogDevices()) {
                    logExternal(admin, caid, module, time, username, certificate, event, comment, ex);
                }
            }
        }
    }

    /**
     * Make use of the external loggers.
     *
     * Calls {@code log} on each device in {@code logdevices}, in iteration order.
     * NOTE(review): there is no try/catch around the device call, so an exception thrown by one
     * device ends the loop and the remaining devices never see the event. Confirm that the
     * ILogDevice implementations handle their own failures.
     */
    private void logExternal(Admin admin, int caid, int module, Date time, String username, X509Certificate certificate, int event, String comment, Exception ex) {
        Iterator i = logdevices.iterator();
        while (i.hasNext()) {
            ILogDevice dev = (ILogDevice) i.next();
            dev.log(admin, caid, module, time, username, certificate, event, comment, ex);
        }
    }

    /**
     * Log everything in the database using the log entity bean.
     *
     * When {@code logsigning} is set, the new entry is additionally handed to the table protection
     * session bean.
     *
     * Audit-integrity caveat: every failure (the catch is on {@code Throwable}) is written to the
     * application log only. The caller is not told, so the audited operation continues without a
     * database audit record for it.
     */
    private void logDB(Admin admin, int caid, int module, Date time, String username, X509Certificate certificate, int event, String comment) {
        try {
            // Certificate reference stored with the entry: hex serial number, a comma, then the issuer DN.
            // null when the event is not tied to a certificate.
            String uid = certificate == null ? null : certificate.getSerialNumber().toString(16) + "," + certificate.getIssuerDN().toString();
            Integer id = getAndIncrementRowCount();
            logentryhome.create(id, admin.getAdminType(), admin.getAdminData(), caid, module, time, username, uid, event, comment);
            if (logsigning) {
                // Build a LogEntry with the same values as the row just created and pass it to the protection bean.
                LogEntry le = new LogEntry(id.intValue(), admin.getAdminType(), admin.getAdminData(), caid, module, time, username, uid, event, comment);
                TableProtectSessionLocal protect = protecthome.create();
                protect.protect(admin, le);
            }
        } catch (Throwable e) {
            // FIXME we are losing a db audit entry in this case, what do we do ?
            // NOTE(review): this path is also reached when create() succeeded but protect() failed,
            // which would leave a row without protection data; confirm how verification reports that.
            String msg = intres.getLocalizedMessage("log.errormissingentry");
            log.error(msg, e);
            // The counter is advanced once more here; presumably so that the lost entry shows up as
            // a gap in the id sequence (TODO confirm). This call can itself throw EJBException.
            getAndIncrementRowCount();
        }
    }

    /**
     * Method to export log records according to a customized query on the log db data. The parameter query should be a legal Query object.
     *
     * If the exporter names a signing CA, the exported bytes are sent to that CA's CMS service and
     * the returned CMS document is what the caller receives.
     *
     * NOTE(review): if the sign session cannot be created (CreateException), the error is logged
     * and the unsigned export is returned. A caller cannot tell a signed export from an unsigned
     * one by the return value alone, so consumers that rely on the signature must check for it.
     * A non-numeric value from {@code getSigningCA()} makes {@code Integer.parseInt} throw
     * NumberFormatException, which is not caught here.
     *
     * @param query a number of statements compiled by query class to a SQL 'WHERE'-clause statement.
     * @param viewlogprivileges is a sql query string returned by a LogAuthorization object.
     * @param logexporter is the object that converts the result set into the desired log format
     * @return an exported byte array. Maximum number of exported entries is defined in LogConstants.MAXIMUM_QUERY_ROWCOUNT, returns null if there is nothing to export
     * @throws IllegalQueryException when query parameters internal rules isn't fulfilled.
     * @throws ExtendedCAServiceNotActiveException
     * @throws IllegalExtendedCAServiceRequestException
     * @throws ExtendedCAServiceRequestException
     * @throws CADoesntExistsException
     * @see org.ejbca.util.query.Query
     *
     * @ejb.interface-method view-type="both"
     * @ejb.transaction type="Supports"
     *
     */
    public byte[] export(Admin admin, Query query, String viewlogprivileges, String capriviledges, ILogExporter logexporter) throws IllegalQueryException, CADoesntExistsException, ExtendedCAServiceRequestException, IllegalExtendedCAServiceRequestException, ExtendedCAServiceNotActiveException {
        byte[] ret = null;
        if (query != null) {
            Collection logentries = query(query, viewlogprivileges, capriviledges);
            if (log.isDebugEnabled()) {
                log.debug("Found "+logentries.size()+" entries when exporting");
            }
            logexporter.setEntries(logentries);
            ret = logexporter.export();
            String ca = logexporter.getSigningCA();
            if (log.isDebugEnabled()) {
                log.debug("Signing CA is '"+ca+"'");
            }
            // Sign only when there is something to sign and the exporter named a CA.
            if ( (ret != null) && StringUtils.isNotEmpty(ca) ) {
                try {
                    int caid = Integer.parseInt(ca);
                    ISignSessionLocal sign = signsessionhome.create();
                    CmsCAServiceRequest request = new CmsCAServiceRequest(ret, true);
                    CmsCAServiceResponse resp = (CmsCAServiceResponse)sign.extendedService(admin, caid, request);
                    ret = resp.getCmsDocument();
                } catch (CreateException e) {
                    // ret still holds the unsigned export at this point and is returned as is.
                    log.error("Can not create sign session", e);
                }
            }
        }
        return ret;
    }

    /**
     * Method to execute a customized query on the log db data. The parameter query should be a legal Query object.
     *
     * Security note: the WHERE clause is assembled by string concatenation from
     * {@code query.getQueryString()}, {@code capriviledges} and {@code viewlogprivileges}. The
     * PreparedStatement is created from the finished string and no parameters are bound, so it
     * gives no protection against SQL injection. The two privilege strings are plain String
     * parameters of an interface method, and they are also what restricts the rows a caller may
     * see. NOTE(review): confirm that every caller obtains them from the authorization component
     * and never from request data, and that Query only emits validated fragments.
     *
     * When {@code logsigning} is set, each row is verified and the result is stored on the entry.
     * Rows are returned whatever the verification result is, so callers must inspect it.
     *
     * @param query a number of statements compiled by query class to a SQL 'WHERE'-clause statement.
     * @param viewlogprivileges is a sql query string returned by a LogAuthorization object.
     * @return a collection of LogEntry. Maximum size of Collection is defined in LogConstants.MAXIMUM_QUERY_ROWCOUNT
     *         (as written, the loop below can add one entry more than that constant)
     * @throws IllegalQueryException when query parameters internal rules isn't fulfilled.
     * @see org.ejbca.util.query.Query
     *
     * @ejb.interface-method view-type="both"
     * @ejb.transaction type="Supports"
     *
     */
    public Collection query(Query query, String viewlogprivileges, String capriviledges) throws IllegalQueryException {
        debug(">query()");
        // A missing CA privilege clause is rejected rather than treated as "no restriction".
        // This check runs before the try block, so IllegalQueryException is not wrapped in EJBException.
        if (capriviledges == null || capriviledges.length() == 0 || !query.isLegalQuery()) {
            throw new IllegalQueryException();
        }
        Connection con = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        try {
            // Construct SQL query.
            con = JDBCUtil.getDBConnection(JNDINames.DATASOURCE);
            String sql = "select "+LOGENTRYDATA_COL+", "+LOGENTRYDATA_COL_COMMENT_OLD+" from "+LOGENTRYDATA_TABLE+" where ( " + query.getQueryString() + ") and (" + capriviledges + ")";
            // Different column names is an unfortunate workaround because of Oracle, you cannot have a column named 'comment' in Oracle.
            // The workaround 'comment_' was spread in the wild in 2005, so we have to use it so far.
            if (!JDBCUtil.columnExists(con, LOGENTRYDATA_TABLE, LOGENTRYDATA_COL_COMMENT_OLD)) {
                log.debug("Using oracle column name 'comment_' in LogEntryData.");
                sql = StringUtils.replace(sql, LOGENTRYDATA_COL_COMMENT_OLD, LOGENTRYDATA_COL_COMMENT_ORA);
            }
            // The view-log privilege clause is optional: when it is empty, no extra restriction is added.
            if (StringUtils.isNotEmpty(viewlogprivileges)) {
                sql += " and (" + viewlogprivileges + ")";
            }
            if (log.isDebugEnabled()) {
                log.debug("Query: "+sql);
            }
            ps = con.prepareStatement(sql);
            //ps.setFetchDirection(ResultSet.FETCH_REVERSE);
            ps.setFetchSize(LogConstants.MAXIMUM_QUERY_ROWCOUNT + 1);
            // Execute query.
            rs = ps.executeQuery();
            // Assemble result.
            ArrayList returnval = new ArrayList();
            // The size test uses <=, so an entry is still added when the list already holds
            // MAXIMUM_QUERY_ROWCOUNT entries; presumably this lets callers detect truncation (TODO confirm).
            while (rs.next() && returnval.size() <= LogConstants.MAXIMUM_QUERY_ROWCOUNT) {
                // Ten columns are read by position; presumably LOGENTRYDATA_COL lists the first nine
                // and the comment column is the tenth (verify against the constant).
                LogEntry data = new LogEntry(rs.getInt(1), rs.getInt(2), rs.getString(3), rs.getInt(4), rs.getInt(5), new Date(rs.getLong(6)), rs.getString(7), rs.getString(8), rs.getInt(9), rs.getString(10));
                if (logsigning) {
                    TableProtectSessionLocal protect = protecthome.create();
                    TableVerifyResult res = protect.verify(data);
                    data.setVerifyResult(res.getResultConstant());
                }
                // Added regardless of the verification result.
                returnval.add(data);
            }
            return returnval;
        } catch (Exception e) {
            throw new EJBException(e);
        } finally {
            JDBCUtil.close(con, ps, rs);
        }
    } // query

    /**
     * Loads the log configuration from the database.
     *
     * If no configuration is stored for {@code caid}, a new {@code LogConfiguration} is created
     * with its no-argument constructor, persisted under that id, and returned. Loading can
     * therefore write to the database.
     *
     * @return the logconfiguration
     *
     * @ejb.interface-method view-type="both"
     * @ejb.transaction type="Supports"
     *
     */
    public LogConfiguration loadLogConfiguration(int caid) {
        // Check if log configuration exists, else create one.
        LogConfiguration logconfiguration = null;
        LogConfigurationDataLocal logconfigdata = null;
        try {
            logconfigdata = logconfigurationhome.findByPrimaryKey(new Integer(caid));
            logconfiguration = logconfigdata.loadLogConfiguration();
        } catch (FinderException e) {
            log.debug("Can't find log configuration during load (caid="+caid+"), trying to create new: ", e);
            try {
                logconfiguration = new LogConfiguration();
                logconfigdata = logconfigurationhome.create(new Integer(caid), logconfiguration);
            } catch (CreateException f) {
                String msg = intres.getLocalizedMessage("log.errorcreateconf", new Integer(caid));
                log.error(msg, f);
                throw new EJBException(f);
            }
        }
        return logconfiguration;
    } // loadLogConfiguration

    /**
     * Saves the log configuration to the database.
     *
     * Updates the stored configuration for {@code caid}, or creates it if none exists, and writes
     * an EVENT_INFO_EDITLOGCONFIGURATION audit event. On any exception an
     * EVENT_ERROR_EDITLOGCONFIGURATION event is written and the exception is rethrown wrapped in
     * EJBException.
     *
     * NOTE(review): this method decides which events are audited, and no authorization check on
     * {@code admin} is visible in it. Presumably callers enforce that; confirm.
     *
     * @param logconfiguration the logconfiguration to save.
     *
     * @ejb.interface-method view-type="both"
     * @ejb.transaction type="Required"
     *
     */
    public void saveLogConfiguration(Admin admin, int caid, LogConfiguration logconfiguration) {
        try {
            try {
                (logconfigurationhome.findByPrimaryKey(new Integer(caid))).saveLogConfiguration(logconfiguration);
                log(admin, caid, LogEntry.MODULE_LOG, new Date(), null, null, LogEntry.EVENT_INFO_EDITLOGCONFIGURATION, "");
            } catch (FinderException e) {
                // No configuration stored for this CA yet: create one instead of updating.
                String msg = intres.getLocalizedMessage("log.createconf", new Integer(caid));
                log.info(msg);
                logconfigurationhome.create(new Integer(caid), logconfiguration);
                log(admin, caid, LogEntry.MODULE_LOG, new Date(), null, null, LogEntry.EVENT_INFO_EDITLOGCONFIGURATION, "");
            }
        } catch (Exception e) {
            log(admin, caid, LogEntry.MODULE_LOG, new Date(), null, null, LogEntry.EVENT_ERROR_EDITLOGCONFIGURATION, "");
            throw new EJBException(e);
        }
    } // saveLogConfiguration

    /**
     * Returns the next log row id from the configuration entity stored under key 0.
     *
     * The entity is looked up on first use (and created if it does not exist), then kept in the
     * {@code logconfigurationdata} field. This method is not synchronized itself; within this
     * section it is only called from {@code logDB}, which is reached through the synchronized
     * {@code doLog}.
     *
     * @return the value returned by the entity's {@code getAndIncrementRowCount()}
     */
    private Integer getAndIncrementRowCount() {
        if (this.logconfigurationdata == null) {
            try {
                logconfigurationdata = logconfigurationhome.findByPrimaryKey(new Integer(0));
            } catch (FinderException e) {
                try {
                    LogConfiguration logconfiguration = new LogConfiguration();
                    this.logconfigurationdata = logconfigurationhome.create(new Integer(0), logconfiguration);
                } catch (CreateException f) {
                    throw new EJBException(f);
                }
            }
        }
        return this.logconfigurationdata.getAndIncrementRowCount();
    }
} // LocalLogSessionBean