BEA Systems, Inc.

WebLogic Server 5.1.0 API Reference

weblogic.security.audit
Interface AuditProvider


public interface AuditProvider

Security audit service provider's interface. A class can implement this interface to log security-related events for auditing purposes. Several WebLogic Server components are instrumented to call methods in this interface when "interesting" events occur.

Classes that implement this interface must have a public no-arg constructor that throws no exceptions.

Methods in this interface follow a simple pattern:

All parameters to all methods are read-only. You can filter events based on their parameters and return values.

Author:
Copyright (c) 1999-2000 by BEA Systems, Inc. All Rights Reserved.

Method Summary
 void authenticateUser(java.lang.String subsystem, UserInfo info, User result)
          A request was made to authenticate a user.
 void certificateInvalid(java.lang.String subsystem, java.lang.Object source, X509 cert)
          An invalid X.509 certificate was presented.
 void checkPermission(java.lang.String subsystem, java.security.acl.Acl acl, java.security.Principal principal, java.security.acl.Permission permission, boolean result)
          A request was made to check for a permission on an ACL.
 void rootCAInvalid(java.lang.String subsystem, java.lang.Object source, X509 cert)
          A certificate chain with an invalid root certificate authority was presented.
 

Method Detail

authenticateUser

public void authenticateUser(java.lang.String subsystem,
                             UserInfo info,
                             User result)
A request was made to authenticate a user.

Parameters:
subsystem - subsystem name
info - authentication parameters
result - return value (null if authentication failure)

checkPermission

public void checkPermission(java.lang.String subsystem,
                            java.security.acl.Acl acl,
                            java.security.Principal principal,
                            java.security.acl.Permission permission,
                            boolean result)
A request was made to check for a permission on an ACL.

Parameters:
subsystem - subsystem name
acl - ACL that was checked
principal - principal that was checked
permission - permission that was checked
result - return value (false if permission denied)

certificateInvalid

public void certificateInvalid(java.lang.String subsystem,
                               java.lang.Object source,
                               X509 cert)
An invalid X.509 certificate was presented.

Parameters:
subsystem - subsystem name
source - the source of the problematic certificate, if known
cert - faulty certificate, or null if one was expected and none was given

rootCAInvalid

public void rootCAInvalid(java.lang.String subsystem,
                          java.lang.Object source,
                          X509 cert)
A certificate chain with an invalid root certificate authority was presented.

Parameters:
subsystem - subsystem name
source - the source of the problematic certificate chain, if known
cert - faulty root certificate, or null if one was expected and none was given

Documentation is available at
http://www.weblogic.com/docs51