Added the username of the requesting user to the audit log for all successful request.

The username for user-password requests was always being audited, but it was being placed in the audit_param table. Now, we are adding the username, key 'user', to the audit_extra table for every successful user request. This is dependent on the User object in the request being populated which must have happened for a successful user request.

Closes #211
John Jenkins committed Feb 23, 2012
1 parent 2808475 commit 28113a5
Showing 1 changed file with 9 additions and 1 deletion.
10 changes: 9 additions & 1 deletion src/org/ohmage/request/UserRequest.java
Expand Up @@ -475,7 +475,15 @@ public final boolean authenticate(AllowNewAccount newAccountsAllowed) {
*/
@Override
public Map<String, String[]> getAuditInformation() {
return new HashMap<String, String[]>();
Map<String, String[]> result = new HashMap<String, String[]>();

if(! isFailed()) {
String[] userArray = new String[1];
userArray[0] = getUser().getUsername();
result.put(InputKeys.USER, userArray);
}

return result;
}

/**************************************************************************
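
Review bot: In getAuditInformation(), the `! isFailed()` guard is the only thing standing between the audit path and a null dereference in `getUser().getUsername()`. The commit message itself notes that this depends on the User object being populated, so an explicit null check on `getUser()` before the `result.put(InputKeys.USER, userArray)` call would keep an unexpected not-failed request without a User from throwing inside audit logging and losing the record. Separately, the method is declared `public` and not `final`, so any subclass that overrides it and builds its own map without merging `super.getAuditInformation()` will not emit the `user` key; the Javadoc above should state that overriders must include the parent's entries.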

1 comment on commit 28113a5

@stevenolen
Member


@jojenki any idea why this wouldn't return for a successful class/read call? See json from one such response below:

{
    "timestamp": "2014-03-26T11:59:53.000-07:00",
    "response": {
        "result": "success"
    },
    "client": "lifestreams",
    "request_type": "POST",
    "responded_millis": 1395860393966,
    "received_millis": 1395860393963,
    "request_parameters": {
        "client": [
            "lifestreams"
        ],
        "auth_token": [
            "d83bb63f-98fa-4c73-8d9f-c4bd491973c2"
        ],
        "class_urn_list": [
            "urn:class:HSS"
        ]
    },
    "uri": "/app/class/read",
    "extra_data": {
        "connection": [
            "close"
        ],
        "host": [
            "test.ohmage.org"
        ],
        "x-forwarded-for": [
            "131.179.144.172"
        ],
        "accept": [
            "text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2"
        ],
        "class_urn": [
            "urn:class:HSS"
        ],
        "x-real-ip": [
            "131.179.144.172"
        ],
        "user-agent": [
            "Java/1.7.0_51"
        ]
    }
}

(edit to fix formatting)
