Add access logging of user principal

author: Bjørn Christian Seime <bjorncs@oath.com> 2017-11-17 17:39:12 +0100
committer: Bjørn Christian Seime <bjorncs@oath.com> 2017-11-17 17:42:55 +0100
commit: c32765ab6f337d3ed0b2c3c1826af0066c926e6a (patch)
tree: 0f3724ec08f6d370c1dfeae9b5de3c53c8dddbf8 /container-accesslogging
parent: 14d6a525a34cb33897e8c32f728919ccca332e30 (diff)
2 files changed, 24 insertions, 0 deletions
diff --git a/container-accesslogging/src/main/java/com/yahoo/container/logging/AccessLogEntry.java b/container-accesslogging/src/main/java/com/yahoo/container/logging/AccessLogEntry.java
index f1c727ce5ff..9120c747293 100644
--- a/container-accesslogging/src/main/java/com/yahoo/container/logging/AccessLogEntry.java
+++ b/container-accesslogging/src/main/java/com/yahoo/container/logging/AccessLogEntry.java
@@ -7,6 +7,7 @@ import org.apache.commons.lang.builder.ReflectionToStringBuilder;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.URI;
+import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
@@ -92,6 +93,7 @@ public class AccessLogEntry {
     private int statusCode;
     private String scheme;
     private int localPort;
+    private Principal principal;
 
     private ListMap<String,String> keyValues=null;
 
@@ -709,6 +711,19 @@ public class AccessLogEntry {
         }
     }
 
+    public Principal getUserPrincipal() {
+        synchronized (monitor) {
+            return principal;
+        }
+    }
+
+    public void setUserPrincipal(Principal principal) {
+        synchronized (monitor) {
+            requireNull(this.principal);
+            this.principal = principal;
+        }
+    }
+
     @Override
     public String toString() {
         synchronized (monitor) {
diff --git a/container-accesslogging/src/main/java/com/yahoo/container/logging/JSONFormatter.java b/container-accesslogging/src/main/java/com/yahoo/container/logging/JSONFormatter.java
index 4e9ccc341b8..cca8da2e936 100644
--- a/container-accesslogging/src/main/java/com/yahoo/container/logging/JSONFormatter.java
+++ b/container-accesslogging/src/main/java/com/yahoo/container/logging/JSONFormatter.java
@@ -11,6 +11,7 @@ import java.io.IOException;
 import java.math.BigDecimal;
 import java.math.RoundingMode;
 import java.net.URI;
+import java.security.Principal;
 import java.time.Instant;
 import java.util.List;
 import java.util.Map;
@@ -62,6 +63,14 @@ public class JSONFormatter {
             generator.writeStringField("scheme", accessLogEntry.getScheme());
             generator.writeNumberField("localport", accessLogEntry.getLocalPort());
 
+            Principal principal = accessLogEntry.getUserPrincipal();
+            if (principal != null) {
+                generator.writeObjectFieldStart("user-principal");
+                generator.writeStringField("name", principal.getName());
+                generator.writeStringField("type", principal.getClass().getName());
+                generator.writeEndObject();
+            }
+
             // Only add remote address/port fields if relevant
             if (remoteAddressDiffers(accessLogEntry.getIpV4Address(), accessLogEntry.getRemoteAddress())) {
                 generator.writeStringField("remoteaddr", accessLogEntry.getRemoteAddress());
author	Bjørn Christian Seime <bjorncs@oath.com>	2017-11-17 17:39:12 +0100
committer	Bjørn Christian Seime <bjorncs@oath.com>	2017-11-17 17:42:55 +0100
commit	c32765ab6f337d3ed0b2c3c1826af0066c926e6a (patch)
tree	0f3724ec08f6d370c1dfeae9b5de3c53c8dddbf8 /container-accesslogging
parent	14d6a525a34cb33897e8c32f728919ccca332e30 (diff)