The following configuration provides for database-backed auditing and statistics for CAS using the Inspektr Java library. The configuration assumes there exists a bean named "dataSource" that implements javax.sql.DataSource
defined somewhere in the Spring application context, e.g. deployerConfigContext.xml:
Code Block |
---|
| xml | xml |
---|
title | deployerConfigContext.xml |
---|
| xml |
---|
|
...
<!--
This is a c3p0 pooled data source suitable for production environments.
The use of some sort of connection pooling (c3p0, commons-pool) is strongly recommended
for production use.
-->
<bean
id="dataSource"
class="com.mchange.v2.c3p0.ComboPooledDataSource"
p:driverClass="oracle.jdbc.driver.OracleDriver"
p:jdbcUrl="${database.url}"
p:user="${database.user}"
p:password="${database.password}"
p:initialPoolSize="${database.pool.minSize}"
p:minPoolSize="${database.pool.minSize}"
p:maxPoolSize="${database.pool.maxSize}"
p:maxIdleTimeExcessConnections="${database.pool.maxIdleTime}"
p:checkoutTimeout="${database.pool.maxWait}"
p:acquireIncrement="${database.pool.acquireIncrement}"
p:acquireRetryAttempts="${database.pool.acquireRetryAttempts}"
p:acquireRetryDelay="${database.pool.acquireRetryDelay}"
p:idleConnectionTestPeriod="${database.pool.idleConnectionTestPeriod}"
p:preferredTestQuery="select 1 from dual"
/>
...
|
...
The following configuration is based on the auditTrailContext.xml file in WEB-INF/unused-spring-configuration/auditTrailContext.xml in the CAS 3.3.1 distribution WAR archive. The following configuration must be placed in an XML file in WEB-INF/spring-configuration of the WAR file deployed in your environment; a Maven WAR Overlay is a convenient way to do this in a repeatable fashion.
Code Block |
xml |
---|
| xml |
---|
title | auditTrailContext.xml |
---|
| xml |
---|
|
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd">
<description>
Configuration file for the Inspektr package which handles auditing and
statistics for Java applications.
</description>
<aop:aspectj-autoproxy/>
<bean id="inspektrTransactionManager"
class="org.springframework.jdbc.datasource.DataSourceTransactionManager"
p:dataSource-ref="dataSource"
/>
<bean id="inspektrTransactionTemplate"
class="org.springframework.transaction.support.TransactionTemplate"
p:transactionManager-ref="inspektrTransactionManager"
p:isolationLevelName="ISOLATION_READ_COMMITTED"
p:propagationBehaviorName="PROPAGATION_REQUIRED"
p:timeout="5"
/>
<bean id="statisticManagementAspect" class="org.inspektr.statistics.StatisticManagementAspect">
<constructor-arg index="0">
<list>
<bean class="org.inspektr.statistics.support.JdbcStatisticManager">
<constructor-arg index="0" ref="dataSource" />
<constructor-arg index="1" ref="inspektrTransactionTemplate" />
</bean>
</list>
</constructor-arg>
<constructor-arg index="1" value="CAS" />
</bean>
<bean id="auditTrailManagementAspect" class="org.inspektr.audit.AuditTrailManagementAspect">
<constructor-arg index="0" ref="auditablePrincipalResolver" />
<constructor-arg index="1">
<list>
<bean class="org.jasig.cas.audit.spi.CredentialsAsFirstParameterResourceResolver" />
<bean class="org.jasig.cas.audit.spi.TicketAsFirstParameterResourceResolver" />
<bean class="org.jasig.cas.audit.spi.ServiceResourceResolver" />
</list>
</constructor-arg>
<constructor-arg index="2" ref="auditTrailManager">
</constructor-arg>
<constructor-arg index="3" value="CAS" />
</bean>
<bean id="auditTrailManager" class="org.inspektr.audit.support.JdbcAuditTrailManager">
<constructor-arg index="0" ref="inspektrTransactionTemplate" />
<property name="dataSource" ref="dataSource" />
</bean>
<bean id="auditablePrincipalResolver" class="org.jasig.cas.audit.spi.TicketOrCredentialBasedAuditablePrincipalResolver">
<constructor-arg index="0" ref="ticketRegistry" />
</bean>
</beans>
|
...
Inspektr assumes the database pointed to by the JDBC data source contains tables with the schema described at http://code.google.com/p/inspektr/wiki/DatabaseTables. The following script will create these tables with reasonable indices in Oracle; modify as needed for your database platform.
Code Block |
sql |
---|
| sql |
---|
title | Oracle Create Table Script |
---|
| sql |
---|
|
CREATE TABLE "COM_AUDIT_TRAIL" (
"AUD_USER" VARCHAR2(100) NOT NULL ENABLE,
"AUD_CLIENT_IP" VARCHAR(15) NOT NULL ENABLE,
"AUD_SERVER_IP" VARCHAR(15) NOT NULL ENABLE,
"AUD_RESOURCE" VARCHAR2(100) NOT NULL ENABLE,
"AUD_ACTION" VARCHAR2(100) NOT NULL ENABLE,
"APPLIC_CD" VARCHAR2(5) NOT NULL ENABLE,
"AUD_DATE" TIMESTAMP NOT NULL ENABLE
);
ALTER TABLE "COM_AUDIT_TRAIL"
ADD CONSTRAINT "COM_AUDIT_TRAIL_PK"
PRIMARY KEY (
"AUD_USER",
"AUD_CLIENT_IP",
"AUD_SERVER_IP",
"AUD_RESOURCE",
"AUD_ACTION",
"APPLIC_CD",
"AUD_DATE"
) ENABLE;
CREATE TABLE "COM_STATISTICS" (
"STAT_SERVER_IP" VARCHAR2(15) NOT NULL ENABLE,
"STAT_DATE" DATE NOT NULL ENABLE,
"APPLIC_CD" VARCHAR2(5) NOT NULL ENABLE,
"STAT_PRECISION" VARCHAR2(6) NOT NULL ENABLE,
"STAT_COUNT" NUMBER NOT NULL ENABLE,
"STAT_NAME" VARCHAR2(100)
);
ALTER TABLE "COM_STATISTICS"
ADD CONSTRAINT "COM_STATISTICS_PK"
PRIMARY KEY (
"STAT_SERVER_IP",
"STAT_DATE",
"APPLIC_CD",
"STAT_PRECISION",
"STAT_NAME"
) ENABLE;
CREATE INDEX "COM_AUDIT_TRAIL_DATE_I"
ON "COM_AUDIT_TRAIL" ("AUD_DATE");
CREATE INDEX "COM_AUDIT_TRAIL_CLIENT_DATE_I"
ON "COM_AUDIT_TRAIL" ("AUD_CLIENT_IP", "AUD_DATE");
CREATE INDEX "COM_AUDIT_TRAIL_USER_DATE_I"
ON "COM_AUDIT_TRAIL" ("AUD_USER", "AUD_DATE");
CREATE INDEX "COM_AUDIT_TRAIL_ACTION_DATE_I"
ON "COM_AUDIT_TRAIL" ("AUD_ACTION", "AUD_DATE");
CREATE INDEX "COM_STATISTICS_DATE_I"
ON "COM_STATISTICS" ("STAT_DATE");
CREATE INDEX "COM_STATISTICS_NAME_DATE_I"
ON "COM_STATISTICS" ("STAT_NAME", "STAT_DATE");
|