Auditing Providers 10-15
You can create instances of the MBean type by configuring your custom Auditing provider see
Section 10.5.3, Configure the Custom Auditing Provider Using the Administration Console
, and then use those MBean instances from a GUI, from other Java code, or from APIs. For example, you can use the WebLogic Server
Administration Console to get and set attributes and invoke operations, or you can develop other Java objects that instantiate MBeans and automatically respond to
information that the MBeans supply. We recommend that you back up these MBean instances.
10.5.3 Configure the Custom Auditing Provider Using the Administration Console
Configuring a custom Auditing provider means that you are adding the custom Auditing provider to your security realm, where it can be accessed by security
providers requiring audit services.
Configuring custom security providers is an administrative task, but it is a task that may also be performed by developers of custom security providers. This section
contains information that is important for the person configuring your custom Auditing providers:
■
Section 10.5.3.1, Configuring Audit Severity
10.5.3.1 Configuring Audit Severity
During the configuration process, an Auditing providers audit severity must be set to one of the following severity levels:
Note: WL_HOME\server\lib\mbeantypes is the default directory
for installing MBean types. Beginning with 9.0, security providers can be loaded from ...\domaindir\lib\mbeantypes as well.
However, if you want WebLogic Server to look for MBean types in additional directories, use the
-Dweblogic.alternateTypesDirectory=dir command-line flag when starting your server, where dir is a comma-separated list
of directory names. When you use this flag, WebLogic Server will always load MBean types from WL_
HOME\server\lib\mbeantypes first, then will look in the additional directories and load all valid archives present in those
directories regardless of their extension.
For example, if -Dweblogic.alternateTypesDirectory = dirX,dirY, WebLogic Server will first load MBean types from WL_
HOME\server\lib\mbeantypes, then any valid archives present in dirX and dirY. If you instruct WebLogic Server to look in additional
directories for MBean types and are using the Java Security Manager, you must also update the weblogic.policy file to grant appropriate
permissions for the MBean type and thus, the custom security provider. For more information, see Using Java Security to Protect
WebLogic Resources in Programming Security for Oracle WebLogic Server.
Note:
The steps for configuring a custom Auditing provider using the WebLogic Server Administration Console are described under
Configuring WebLogic Security Providers in Securing Oracle WebLogic Server.
10-16 Developing Security Providers for Oracle WebLogic Server
■
INFORMATION
■
WARNING
■
ERROR
■
SUCCESS
■
FAILURE
10.6 Security Framework Audit Events
This section describes the audit events that are posted by the WebLogic Server Security Framework. If you write a custom audit provider, it should be prepared to handle
these events. The following topics are covered in this section:
■
Section 10.6.1, Passing Additional Audit Information
■
Section 10.6.2, Audit Event Interfaces and Audit Events
10.6.1 Passing Additional Audit Information
The WebLogic Security providers implement the appropriate AuditEvent interfaces and post those events to the Audit provider. The audit events that also implement the
AuditContext interface can provide more information via a ContextHandler.
Table 10–1 lists the weblogic.security.spi subinterfaces that extend the
AuditEvent SSPI, and indicates which subinterfaces implement the AuditContext interface.
Table 10–1 Audit Events
Audit Event Name Interface Class
Audit Event
Audit Context
Application Version Event
weblogic.security.spi.Aud itApplicationVersionEvent
Yes No
Authentication Audit Event
weblogic.security.spi.Aud itAtnEvent
Yes No
Authentication Audit Event V2
weblogic.security.spi.Aud itAtnEventV2
Yes Yes
Authorization Audit Event
weblogic.security.spi.Aud itAtzEvent
Yes Yes
CertPathBuilder Audit Event
weblogic.security.spi.Aud itCertPathBuilderEvent
Yes Yes
CertPathValidator Audit Event
weblogic.security.spi.Aud itCertPathValidatorEvent
Yes Yes
Configuration Audit Event
weblogic.security.spi.Aud itConfigurationEvent
Yes Yes
Credential Mapping Audit Event
weblogic.security.spi.Aud itCredentialMappingEvent
Yes Yes
Life Cycle Event weblogic.security.spi.Aud
itLifecycleEvent Yes
No Audit Management
Event weblogic.security.spi.Aud
itMgmtEvent Yes
No