/* Copyright 2015 Danish Maritime Authority.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package net.maritimecloud.portal.audit.axon;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import net.maritimecloud.identityregistry.domain.Identity;
import net.maritimecloud.identityregistry.domain.IdentityService;
import net.maritimecloud.portal.config.AxonConfig;
import net.maritimecloud.portal.application.ApplicationServiceRegistry;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.UnavailableSecurityManagerException;
import org.apache.shiro.subject.Subject;
import org.axonframework.auditing.AuditDataProvider;
import org.axonframework.commandhandling.CommandMessage;
/**
* AuditDataProvider that provides user-information obtained mainly from Shiro
* <p>
* @author Christoffer Børrild
*/
public class ShiroAuditDataProvider implements AuditDataProvider {
private IdentityService identityService() {
return ApplicationServiceRegistry.identityService();
}
@Override
public Map<String, Object> provideAuditDataFor(CommandMessage<?> command) {
Map<String, Object> metaData = new HashMap<>();
try {
final Subject subject = SecurityUtils.getSubject();
String userHost = subject.getSession().getHost();
metaData.put(UserMetaData.USER_HOST, userHost);
if (subject.isAuthenticated()) {
String userIdentifier = (String) subject.getPrincipal();
metaData.put(UserMetaData.USERID, userIdentifier);
Identity user = identityService().findByUserId(userIdentifier);
if (user != null) {
metaData.put(UserMetaData.USERNAME, user.username());
} else {
Logger.getLogger(AxonConfig.class.getName()).log(Level.WARNING, "Unknown user with userId {0} from host " + metaData.get(UserMetaData.USER_HOST), metaData.get(UserMetaData.USERID));
metaData.put(UserMetaData.USERNAME, "Anonymous");
}
} else {
Logger.getLogger(AxonConfig.class.getName()).log(Level.FINE, "Anonymous access from host {0}", metaData.get(UserMetaData.USER_HOST));
metaData.put(UserMetaData.USERNAME, "Anonymous");
}
} catch (UnavailableSecurityManagerException ex) {
Logger.getLogger(AxonConfig.class.getName()).log(Level.WARNING, "UnavailableSecurityManagerException", ex);
throw ex;
}
return metaData;
}
}