Class AuditTrail

java.lang.Object
org.forgerock.caf.authentication.framework.AuditTrail

public class AuditTrail extends Object

Responsible for tracking the auditing of an authentication attempt, including auditing each of the modules that are executed and the overall result of the authentication.

The audit record will include a unique request id, the principal (if authentication was successful) and a session id (if a session was created).

Since:
1.5.0
  • Field Details

    • AUDIT_TRAIL_KEY

      public static final String AUDIT_TRAIL_KEY
      MessageInfo map key for retrieving the audit trail instance.
    • AUDIT_INFO_KEY

      public static final String AUDIT_INFO_KEY
      MessageInfo map key for setting additional audit information from a module.
    • AUDIT_PRINCIPAL_KEY

      public static final String AUDIT_PRINCIPAL_KEY
      MessageInfo map key for setting the principal identified by the auth module, which will be set in the audit log entry.
    • AUDIT_SESSION_ID_KEY

      public static final String AUDIT_SESSION_ID_KEY
      MessageInfo map key for setting the session id for the authentication request.
    • AUDIT_FAILURE_REASON_KEY

      public static final String AUDIT_FAILURE_REASON_KEY
      MessageInfo map key for setting the reason for the module failure.
  • Method Details

    • auditSuccess

      public void auditSuccess(String moduleId, Map<String,Object> info)
      Audits a module as having completed successfully.
      Parameters:
      moduleId - The id of the module.
      info - The module audit info map.
    • auditFailure

      public void auditFailure(String moduleId, Map<String,Object> reason, Map<String,Object> info)
      Audits a module as having completed as a failure.
      Parameters:
      moduleId - The id of the module.
      reason - The reason the module is reporting a failure.
      info - The module audit info map.
    • setSessionId

      public void setSessionId(String sessionId)
      Sets the session id on the audit record, if a session has been created. Will not set the session id on the audit record if it is null or an empty String.
      Parameters:
      sessionId - The session id.
    • getFailureReasons

      public List<Map<String,Object>> getFailureReasons()
      Gets the list of failure reasons from each of the module entries.
      Returns:
      A List of failure reasons as Maps of String to Objects.
    • toString

      public String toString()
      Overrides:
      toString in class Object
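
The following is an added example, not code from the framework or its documentation, showing how a module might use the keys above while keeping request-supplied text from corrupting the audit record. Assumptions: `messageInfoMap` is the MessageInfo map passed to the module, the failure reason and audit info values are Maps (matching the `auditFailure` signature), the principal value is a String, and the class name, method names and the `"code"` and `"claimedUser"` entries are hypothetical.

```java
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

import org.forgerock.caf.authentication.framework.AuditTrail;

/** Added illustration; AuditKeysExample and its methods are hypothetical names. */
public final class AuditKeysExample {

    /** Replace control characters and cap length so request-supplied text cannot forge or flood audit entries. */
    static String clean(String value) {
        String s = value == null ? "" : value.replaceAll("\\p{Cntrl}", "_");
        return s.length() > 128 ? s.substring(0, 128) : s;
    }

    /** What a module could leave in the MessageInfo map after rejecting a request. */
    static void recordFailure(Map<String, Object> messageInfoMap, String claimedUser, String reasonCode) {
        Map<String, Object> reason = new LinkedHashMap<>();
        reason.put("code", reasonCode);                 // constructed entry name
        Map<String, Object> info = new LinkedHashMap<>();
        info.put("claimedUser", clean(claimedUser));    // identifier only, never the password or token
        // Assumed value types: Maps, matching auditFailure(moduleId, reason, info).
        messageInfoMap.put(AuditTrail.AUDIT_FAILURE_REASON_KEY, reason);
        messageInfoMap.put(AuditTrail.AUDIT_INFO_KEY, info);
    }

    /** What a module could leave in the MessageInfo map after accepting a request. */
    static void recordSuccess(Map<String, Object> messageInfoMap, String principal, String sessionId) {
        // Assumed value type: String.
        messageInfoMap.put(AuditTrail.AUDIT_PRINCIPAL_KEY, clean(principal));
        // Mirrors setSessionId, which ignores null and empty session ids.
        if (sessionId != null && !sessionId.isEmpty()) {
            messageInfoMap.put(AuditTrail.AUDIT_SESSION_ID_KEY, sessionId);
        }
    }

    /** Reads back every module's failure reason, or an empty list if no trail is present. */
    static List<Map<String, Object>> failureReasons(Map<String, Object> messageInfoMap) {
        Object trail = messageInfoMap.get(AuditTrail.AUDIT_TRAIL_KEY);
        return trail instanceof AuditTrail
                ? ((AuditTrail) trail).getFailureReasons()
                : Collections.<Map<String, Object>>emptyList();
    }
}
```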