Security Event Service

This appendix describes the security event services.

1. Overview

This appendix describes the standard security events that are emitted to EventHandlingService from the SPI classes and default security service implementation classes. Use this reference to develop your own event handling providers by implementing the jeus.security.spi.EventHandlingService SPI.

The listing format is as follows:

G.2.X <Event type> = Event type
       Source Class: Class where the event occurred
       Event Type: Event type
       Event Level: Event level (FATAL, SERIOUS, WARNING, INFORMATION, DEBUG).
       Event Context: Key-value pairs for the event context.
       Emitted When? Conditions under which the event occurs

Normally, events are only emitted to an EventHandlingService that is in the same domain as the event source. This excludes two events, the security.install.successful and security.uninstall.attempt events, that are emitted to all configured domains in the security system.

For more information about the jeus.security.base.Event class and the jeus.security.spi.EventHandlingService class, refer to Javadoc.

2. Event

The following is the list of the standard security events.

security.validation.failed

Source Class

jeus.security.spi.SubjectValidationService

Event Type

security.validation.failed

Event Level

WARNING

Event Context

  • Key: “subject”

  • Value: jeus.security.base.Subject that failed validation.

Emitted When

Whenever a SubjectValidationService throws a SecurityException
security.authentication.failed

Source Class

jeus.security.spi.AuthenticationService

Event Type

security.authentication.failed

Event Level

WARNING

Event Context

  • Key: “subject”

  • Value: jeus.security.base.Subject that failed validation.

Emitted When

Whenever user authentication for the Subject fails.
security.authorization.failed

Source Class

jeus.security.spi.AuthorizationService

Event Type

security.authentication.failed

Event Level

WARNING

Event Context

  • Key: “contextid”

    Value: Context ID for which the permission was checked

  • Key: “permission”

    Value: java.security.Permission that needs to be checked.

  • Key: “subject”

    Value: jeus.security.base.Subject that failed user authentication.

Emitted When

Whenever the user authentication fails
security.authentication.repository.subject.added

Source Class

jeus.security.spi.AuthenticationRepositoryService

Event Type

security.authentication.repository.subject.added

Event Level

INFORMATION

Event Context

  • Key: “subject”

  • Value: jeus.security.base.Subject that is added

Emitted When

Whenever a Subject is successfully added to the AuthenticationRepositoryService.
security.authentication.repository.subject.removed

Source Class

jeus.security.spi.AuthenticationRepositoryService

Event Type

security.authentication.repository.subject.removed

Event Level

INFORMATION

Event Context

  • Key: “subject”

  • Value: jeus.security.base.Subject that is deleted.

Emitted When

Whenever a Subject is successfully removed from the AuthenticationRepositoryService.
security.authentication.repository.subject.removed.complete

Source Class

jeus.security.spi.AuthenticationRepositoryService

Event Type

security.authentication.repository.subject.removed.complete

Event Level

INFORMATION

Event Context

  • Key: “name”

  • Value: The deleted Subject

Emitted When

Whenever a Subject is successfully removed from the AuthenticationRepositoryService.
security.authorization.repository.policy.added

Source Class

jeus.security.spi.AuthorizationRepositoryService

Event Type

security.authorization.repository.policy.added

Event Level

INFORMATION

Event Context

  • Key: “policy”

  • Value: jeus.security.base.Policy that is added

Emitted When

Whenever a Policy is added to the AuthorizationRepositoryService.
security.authorization.repository.policy.removed

Source Class

jeus.security.spi.AuthorizationRepositoryService

Event Type

security.authorization.repository.policy.removed

Event Level

INFORMATION

Event Context

  • Key: “policy”

  • Value: jeus.security.base.Policy that is deleted

Emitted When

Whenever Policy data is removed from the AuthorizationRepositoryService.
security.authorization.repository.policy.removed.complete

Source Class

jeus.security.spi.AuthorizationRepositoryService

Event Type

security.authorization.repository.policy.removed.complete

Event Level

INFORMATION

Event Context

  • Key: “contextid” Value: The java.lang.String type Context ID that was removed from the repository.

Emitted When

Whenever a context id is removed from the AuthorizationRepositoryService.
security.install.successful

Source Class

jeus.security.spi.SecurityInstaller

Event Type

security.install.successful

Event Level

INFORMATION

Event Context

None

Emitted When

After the security system has been successfully installed.
security.uninstall.attempt

Source Class

jeus.security.spi.SecurityInstaller

Event Type

security.uninstall.attempt

Event Level

INFORMATION

Event Context

None

Emitted When

Before the security system is to be uninstalled.