LoggerListener xref

View Javadoc

1   /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.event.authorization;
17  
18  import org.apache.commons.logging.Log;
19  import org.apache.commons.logging.LogFactory;
20  
21  import org.springframework.context.ApplicationEvent;
22  import org.springframework.context.ApplicationListener;
23  
24  
25  /**
26   * Outputs interceptor-related application events to Commons Logging.
27   * <p>
28   * All failures are logged at the warning level, with success events logged at the information level,
29   * and public invocation events logged at the debug level.
30   * </p>
31   *
32   * @author Ben Alex
33   * @version $Id: LoggerListener.java 1784 2007-02-24 21:00:24Z luke_t $
34   */
35  public class LoggerListener implements ApplicationListener {
36      //~ Static fields/initializers =====================================================================================
37  
38      private static final Log logger = LogFactory.getLog(LoggerListener.class);
39  
40      //~ Methods ========================================================================================================
41  
42      public void onApplicationEvent(ApplicationEvent event) {
43          if (event instanceof AuthenticationCredentialsNotFoundEvent) {
44              AuthenticationCredentialsNotFoundEvent authEvent = (AuthenticationCredentialsNotFoundEvent) event;
45  
46              if (logger.isWarnEnabled()) {
47                  logger.warn("Security interception failed due to: " + authEvent.getCredentialsNotFoundException()
48                      + "; secure object: " + authEvent.getSource() + "; configuration attributes: "
49                      + authEvent.getConfigAttributeDefinition());
50              }
51          }
52  
53          if (event instanceof AuthorizationFailureEvent) {
54              AuthorizationFailureEvent authEvent = (AuthorizationFailureEvent) event;
55  
56              if (logger.isWarnEnabled()) {
57                  logger.warn("Security authorization failed due to: " + authEvent.getAccessDeniedException()
58                      + "; authenticated principal: " + authEvent.getAuthentication()
59                      + "; secure object: " + authEvent.getSource()
60                      + "; configuration attributes: " + authEvent.getConfigAttributeDefinition());
61              }
62          }
63  
64          if (event instanceof AuthorizedEvent) {
65              AuthorizedEvent authEvent = (AuthorizedEvent) event;
66  
67              if (logger.isInfoEnabled()) {
68                  logger.info("Security authorized for authenticated principal: " + authEvent.getAuthentication()
69                      + "; secure object: " + authEvent.getSource() + "; configuration attributes: "
70                      + authEvent.getConfigAttributeDefinition());
71              }
72          }
73  
74          if (event instanceof PublicInvocationEvent) {
75              PublicInvocationEvent authEvent = (PublicInvocationEvent) event;
76  
77              if (logger.isInfoEnabled()) {
78                  logger.info("Security interception not required for public secure object: " + authEvent.getSource());
79              }
80          }
81      }
82  }