search

audit4j / audit4j-core

An open source auditing framework.
http://audit4j.org
Apache License 2.0
126 stars 76 forks source link

Using AspectJ /@Audit, logging a ValidationException warn #11

Closed mehdijouan closed 8 years ago

mehdijouan commented 9 years ago

Hi, I'm trying to implement your Auditing framework and I experienced a strange behavior.

Context

I implemented a class MetaData, I use the @Audit annotation and the org.audit4j.integration.spring.AuditAspect into my spring context.

The audited object :

public class DummyObject
{
    @Audit
    public void doSomething( final String param1)
    {
        System.out.println("something done with " + param1);
    }
}

The metadata implementation:

public class MyMetaData implements MetaData
{

    @Override
    public String getActor()
    {
        return "noOne";
    }

}

Implementation result

Log result

Audit4j:INFO Audit4j initialized. Total time: 265ms
13:23:06 [WARN ] [o.a.c.exception.ValidationException] [] Audit4j: Validation Exception: Invalid Input
07/17/2015 13:23:06|noOne|null|doSomething==>arg0 java.lang.String:strange,
something done with strange
Audit4j:INFO Preparing to shutdown Audit4j...

Issues

Warning log

I take a look to understand why I had a validationException thrown:

  1. The AuditEvent is being audited
  2. a call to this method is doneAuditEventOutputStream.write(AuditEvent event)which then, calls ValidationManager.validateEvent(event) which checks if the event has an Actor. As it doesn't, a ValidationException is thrown.
  3. back into AuditEventOutputStream.write(AuditEvent event) catch clause, there is a call to TroubleshootManager.troubleshootEvent(event); which calls my MyMetaData implementation to set the actor.

I expected to have my MyMetaData implementation called before the validation of the event.

No possibility to set an Origin

As I'm using the @Audit annotation, I'm unable to set an origin and if you take a look at the previous one, the origin is null. It could be great if you could add a getOrigin method somewhere like the getActor located into the MetaData Interface.

Cheers.

donovanmuller commented 9 years ago

Same issue here. Seems validation is triggered before the actor is populated by the MetaData

screen shot 2015-10-08 at 11 14 00 am

This is my config:

@Configuration
public class Audit4jConfiguration {

    @Bean
    public AuditAspect auditAspect() {
        return new AuditAspect();
    }

    @Bean
    public SpringAudit4jConfig springAudit4jConfig() {
        SpringAudit4jConfig springAudit4jConfig = new SpringAudit4jConfig();
        springAudit4jConfig.setLayout(new SimpleLayout());
        springAudit4jConfig.setHandlers(ImmutableList.of(new ConsoleAuditHandler()));
        springAudit4jConfig.setMetaData(() -> "Oom Jannie");

        return springAudit4jConfig;
    }
}

and annotated method:

    ...

    @RequestMapping(method = POST)
    @Audit(action = "Creating")
    public void create() {
        log.debug("Creating audit...");
    }
}

output:

2015-10-08 11:14:20.538  WARN 64658 --- [  ringBuffer-34] o.a.core.exception.ValidationException   : Audit4j: Validation Exception: Invalid Input
10/08/2015 11:14:20|Oom Jannie|null|Creating==>
janithb commented 8 years ago

Bug is fixed on audit4j-core-2.4.0-alpha3 version and available in maven central.