diff --git a/hadoop-hdds/common/src/main/java/org/apache/hadoop/ozone/audit/AuditMessage.java b/hadoop-hdds/common/src/main/java/org/apache/hadoop/ozone/audit/AuditMessage.java index 7ffbebecee1..6f3bbadaecb 100644 --- a/hadoop-hdds/common/src/main/java/org/apache/hadoop/ozone/audit/AuditMessage.java +++ b/hadoop-hdds/common/src/main/java/org/apache/hadoop/ozone/audit/AuditMessage.java @@ -1,4 +1,4 @@ -/** +/* * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with this * work for additional information regarding copyright ownership. The ASF @@ -23,13 +23,14 @@ /** * Defines audit message structure. */ -public class AuditMessage implements Message { - - private String message; - private Throwable throwable; +public final class AuditMessage implements Message { - public AuditMessage(){ + private final String message; + private final Throwable throwable; + private AuditMessage(String message, Throwable throwable) { + this.message = message; + this.throwable = throwable; } @Override @@ -52,26 +53,6 @@ public Throwable getThrowable() { return throwable; } - /** - * Use when there are custom string to be added to default msg. - * @param customMessage custom string - */ - private void appendMessage(String customMessage) { - this.message += customMessage; - } - - public String getMessage() { - return message; - } - - public void setMessage(String message) { - this.message = message; - } - - public void setThrowable(Throwable throwable) { - this.throwable = throwable; - } - /** * Builder class for AuditMessage. */ @@ -83,10 +64,6 @@ public static class Builder { private Map params; private String ret; - public Builder(){ - - } - public Builder setUser(String usr){ this.user = usr; return this; 
@@ -97,8 +74,8 @@ public Builder atIp(String ipAddr){ return this; } - public Builder forOperation(String operation){ - this.op = operation; + public Builder forOperation(AuditAction action) { + this.op = action.getAction(); return this; } @@ -107,8 +84,8 @@ public Builder withParams(Map args){ return this; } - public Builder withResult(String result){ - this.ret = result; + public Builder withResult(AuditEventStatus result) { + this.ret = result.getStatus(); return this; } @@ -118,11 +95,9 @@ public Builder withException(Throwable ex){ } public AuditMessage build(){ - AuditMessage auditMessage = new AuditMessage(); - auditMessage.message = "user=" + this.user + " | ip=" + this.ip + " | " + + String message = "user=" + this.user + " | ip=" + this.ip + " | " + "op=" + this.op + " " + this.params + " | " + "ret=" + this.ret; - auditMessage.throwable = this.throwable; - return auditMessage; + return new AuditMessage(message, throwable); } } } diff --git a/hadoop-hdds/common/src/test/java/org/apache/hadoop/ozone/audit/TestOzoneAuditLogger.java b/hadoop-hdds/common/src/test/java/org/apache/hadoop/ozone/audit/TestOzoneAuditLogger.java index f45c55a5351..d86748c4d07 100644 --- a/hadoop-hdds/common/src/test/java/org/apache/hadoop/ozone/audit/TestOzoneAuditLogger.java +++ b/hadoop-hdds/common/src/test/java/org/apache/hadoop/ozone/audit/TestOzoneAuditLogger.java @@ -1,4 +1,4 @@ -/** +/* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information @@ -29,6 +29,9 @@ import java.util.List; import java.util.Map; +import static org.apache.hadoop.ozone.audit.AuditEventStatus.FAILURE; +import static org.apache.hadoop.ozone.audit.AuditEventStatus.SUCCESS; +import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; /** 
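Review bot: `forOperation(AuditAction action)` dereferences `action` immediately, and `withResult(AuditEventStatus result)` in the next hunk does the same with `result`, so a null argument now throws inside the builder. The old String setters would instead have produced `op=null` / `ret=null` in the record. For an audit path it is worth deciding which behaviour is wanted and writing it down; I would add Javadoc such as `@param action the audited action; must not be null` to both methods. The enclosing Builder class starts outside these hunks.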
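Review bot: `build()` still concatenates `this.user`, `this.ip` and `this.params` straight into the ` | `-delimited line, so a value containing a line break or the ` | ` separator can split or reshape an audit record (log forging, CWE-117). Whether such characters can reach these fields depends on callers outside this diff, but `params` looks likely to carry client-supplied names. Now that the message is assembled in exactly one place and the object is immutable, this is the natural spot to neutralise CR/LF in each field before joining. Alternatively, confirm that the layout configured for the audit appender encodes them.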
@@ -42,9 +45,6 @@ public class TestOzoneAuditLogger { private static final AuditLogger AUDIT = new AuditLogger(AuditLoggerType.OMLOGGER); - private static final String SUCCESS = AuditEventStatus.SUCCESS.name(); - private static final String FAILURE = AuditEventStatus.FAILURE.name(); - private static final Map PARAMS = new DummyEntity().toAuditMap(); @@ -55,7 +55,7 @@ public class TestOzoneAuditLogger { new AuditMessage.Builder() .setUser(USER) .atIp(IP_ADDRESS) - .forOperation(DummyAction.CREATE_VOLUME.name()) + .forOperation(DummyAction.CREATE_VOLUME) .withParams(PARAMS) .withResult(FAILURE) .withException(null).build(); @@ -64,7 +64,7 @@ public class TestOzoneAuditLogger { new AuditMessage.Builder() .setUser(USER) .atIp(IP_ADDRESS) - .forOperation(DummyAction.CREATE_VOLUME.name()) + .forOperation(DummyAction.CREATE_VOLUME) .withParams(PARAMS) .withResult(SUCCESS) .withException(null).build(); @@ -73,7 +73,7 @@ public class TestOzoneAuditLogger { new AuditMessage.Builder() .setUser(USER) .atIp(IP_ADDRESS) - .forOperation(DummyAction.READ_VOLUME.name()) + .forOperation(DummyAction.READ_VOLUME) .withParams(PARAMS) .withResult(FAILURE) .withException(null).build(); @@ -82,7 +82,7 @@ public class TestOzoneAuditLogger { new AuditMessage.Builder() .setUser(USER) .atIp(IP_ADDRESS) - .forOperation(DummyAction.READ_VOLUME.name()) + .forOperation(DummyAction.READ_VOLUME) .withParams(PARAMS) .withResult(SUCCESS) .withException(null).build(); 
@@ -127,12 +127,12 @@ public void verifyDefaultLogLevelForFailure() throws IOException { @Test public void messageIncludesAllParts() { - String message = WRITE_FAIL_MSG.getMessage(); + String message = WRITE_FAIL_MSG.getFormattedMessage(); assertTrue(message, message.contains(USER)); assertTrue(message, message.contains(IP_ADDRESS)); assertTrue(message, message.contains(DummyAction.CREATE_VOLUME.name())); assertTrue(message, message.contains(PARAMS.toString())); - assertTrue(message, message.contains(FAILURE)); + assertTrue(message, message.contains(FAILURE.getStatus())); } /** @@ -174,6 +174,6 @@ private void verifyNoLog() throws IOException { File file = new File("audit.log"); List lines = FileUtils.readLines(file, (String)null); // When no log entry is expected, the log file must be empty - assertTrue(lines.size() == 0); + assertEquals(0, lines.size()); } } diff --git a/hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/container/common/impl/HddsDispatcher.java b/hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/container/common/impl/HddsDispatcher.java index 1feb5001dca..92924b8a42d 100644 --- a/hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/container/common/impl/HddsDispatcher.java +++ b/hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/container/common/impl/HddsDispatcher.java @@ -608,13 +608,13 @@ private void audit(AuditAction action, EventType eventType, @Override public AuditMessage buildAuditMessageForSuccess(AuditAction op, Map auditMap) { + return new AuditMessage.Builder() .setUser(null) .atIp(null) - .forOperation(op.getAction()) + .forOperation(op) .withParams(auditMap) - .withResult(AuditEventStatus.SUCCESS.toString()) - .withException(null) + .withResult(AuditEventStatus.SUCCESS) .build(); } 
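Review bot: Both dispatcher builders (`buildAuditMessageForSuccess` in this hunk and `buildAuditMessageForFailure` in the following one) keep `.setUser(null).atIp(null)`, so every audit line from HddsDispatcher is written as `user=null | ip=null` and cannot be tied to a caller during an investigation. If the dispatcher genuinely has no caller identity at this point, a comment would stop readers treating it as an oversight, e.g. `// caller identity is not available in the dispatcher; user and ip are intentionally unset`. If an identity is reachable from the request context, which is not visible in this hunk, it should be passed here instead.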
@@ -622,12 +622,13 @@ public AuditMessage buildAuditMessageForSuccess(AuditAction op, @Override public AuditMessage buildAuditMessageForFailure(AuditAction op, Map auditMap, Throwable throwable) { + return new AuditMessage.Builder() .setUser(null) .atIp(null) - .forOperation(op.getAction()) + .forOperation(op) .withParams(auditMap) - .withResult(AuditEventStatus.FAILURE.toString()) + .withResult(AuditEventStatus.FAILURE) .withException(throwable) .build(); } diff --git a/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/server/ServerUtils.java b/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/server/ServerUtils.java index 33a1ca9558b..1d3ed3e243e 100644 --- a/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/server/ServerUtils.java +++ b/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/server/ServerUtils.java @@ -22,6 +22,8 @@ import org.apache.hadoop.hdds.conf.OzoneConfiguration; import org.apache.hadoop.hdds.scm.ScmConfigKeys; import org.apache.hadoop.ipc.RPC; +import org.apache.hadoop.ipc.Server; +import org.apache.hadoop.security.UserGroupInformation; import org.apache.http.client.methods.HttpRequestBase; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -224,4 +226,9 @@ public static File getDBPath(Configuration conf, String key) { HddsConfigKeys.OZONE_METADATA_DIRS); return ServerUtils.getOzoneMetaDirPath(conf); } + + public static String getRemoteUserName() { + UserGroupInformation remoteUser = Server.getRemoteUser(); + return remoteUser != null ? remoteUser.getUserName() : null; + } } diff --git a/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMBlockProtocolServer.java b/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMBlockProtocolServer.java index a9119eb2508..5e3e4af1488 100644 --- a/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMBlockProtocolServer.java 
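Review bot: The new public `getRemoteUserName()` in ServerUtils has no Javadoc, and its null return is part of the contract that every audit builder in this commit now relies on. `Server.getRemoteUser()` is null when the calling thread is not handling an RPC, and that null ends up in the record as `user=null`. I would document it, e.g. `/** Returns the user name of the current RPC caller, or null when not invoked within an RPC call. */`. It is also worth stating that `getUserName()` yields the full principal name rather than the short name, assuming that is the form the audit log is meant to carry.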
+++ b/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMBlockProtocolServer.java @@ -1,4 +1,4 @@ -/** +/* * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license * agreements. See the NOTICE file distributed with this work for additional @@ -65,6 +65,7 @@ import static org.apache.hadoop.hdds.scm.ScmConfigKeys.OZONE_SCM_HANDLER_COUNT_DEFAULT; import static org.apache.hadoop.hdds.scm.ScmConfigKeys.OZONE_SCM_HANDLER_COUNT_KEY; import static org.apache.hadoop.hdds.scm.server.StorageContainerManager.startRpcServer; +import static org.apache.hadoop.hdds.server.ServerUtils.getRemoteUserName; import static org.apache.hadoop.hdds.server.ServerUtils.updateRPCListenAddress; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -336,29 +337,26 @@ public List sortDatanodes(List nodes, @Override public AuditMessage buildAuditMessageForSuccess( AuditAction op, Map auditMap) { + return new AuditMessage.Builder() - .setUser((Server.getRemoteUser() == null) ? null : - Server.getRemoteUser().getUserName()) - .atIp((Server.getRemoteIp() == null) ? null : - Server.getRemoteIp().getHostAddress()) - .forOperation(op.getAction()) + .setUser(getRemoteUserName()) + .atIp(Server.getRemoteAddress()) + .forOperation(op) .withParams(auditMap) - .withResult(AuditEventStatus.SUCCESS.toString()) - .withException(null) + .withResult(AuditEventStatus.SUCCESS) .build(); } @Override public AuditMessage buildAuditMessageForFailure(AuditAction op, Map auditMap, Throwable throwable) { + return new AuditMessage.Builder() - .setUser((Server.getRemoteUser() == null) ? null : - Server.getRemoteUser().getUserName()) - .atIp((Server.getRemoteIp() == null) ? null : - Server.getRemoteIp().getHostAddress()) - .forOperation(op.getAction()) + .setUser(getRemoteUserName()) + .atIp(Server.getRemoteAddress()) + .forOperation(op) .withParams(auditMap) - .withResult(AuditEventStatus.FAILURE.toString()) + .withResult(AuditEventStatus.FAILURE) .withException(throwable) .build(); } diff --git a/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMClientProtocolServer.java b/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMClientProtocolServer.java index 80a6a07861f..4058c0a5b47 100644 --- a/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMClientProtocolServer.java +++ b/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMClientProtocolServer.java @@ -1,4 +1,4 @@ -/** +/* * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license * agreements. See the NOTICE file distributed with this work for additional 
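Review bot: The builder chain in `buildAuditMessageForSuccess` / `buildAuditMessageForFailure` here is repeated token for token in SCMClientProtocolServer, SCMDatanodeProtocolServer and OzoneManager later in this commit, so eight copies have to stay in step whenever the audit format or the identity source changes. With `getRemoteUserName()` already moved into ServerUtils, a shared helper could return a Builder pre-filled with `.setUser(getRemoteUserName()).atIp(Server.getRemoteAddress())`. Each class would then supply only `.forOperation(op).withParams(auditMap).withResult(...)`. That also gives a single place to handle a null user or address, should the audit policy later require a placeholder instead of `null`.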
@@ -63,7 +63,6 @@ import org.apache.hadoop.ozone.audit.SCMAction; import org.apache.hadoop.hdds.scm.protocol.StorageContainerLocationProtocolServerSideTranslatorPB; import org.apache.hadoop.ozone.protocolPB.ProtocolMessageMetrics; -import org.apache.hadoop.security.UserGroupInformation; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -87,6 +86,7 @@ .OZONE_SCM_HANDLER_COUNT_DEFAULT; import static org.apache.hadoop.hdds.scm.ScmConfigKeys .OZONE_SCM_HANDLER_COUNT_KEY; +import static org.apache.hadoop.hdds.server.ServerUtils.getRemoteUserName; import static org.apache.hadoop.hdds.server.ServerUtils.updateRPCListenAddress; import static org.apache.hadoop.hdds.scm.server.StorageContainerManager .startRpcServer; @@ -181,8 +181,7 @@ public void join() throws InterruptedException { @VisibleForTesting public String getRpcRemoteUsername() { - UserGroupInformation user = ProtobufRpcEngine.Server.getRemoteUser(); - return user == null ? null : user.getUserName(); + return getRemoteUserName(); } @Override 
@@ -564,29 +563,26 @@ private Set queryNodeState(HddsProtos.NodeState nodeState) { @Override public AuditMessage buildAuditMessageForSuccess( AuditAction op, Map auditMap) { + return new AuditMessage.Builder() - .setUser((Server.getRemoteUser() == null) ? null : - Server.getRemoteUser().getUserName()) - .atIp((Server.getRemoteIp() == null) ? null : - Server.getRemoteIp().getHostAddress()) - .forOperation(op.getAction()) + .setUser(getRemoteUserName()) + .atIp(Server.getRemoteAddress()) + .forOperation(op) .withParams(auditMap) - .withResult(AuditEventStatus.SUCCESS.toString()) - .withException(null) + .withResult(AuditEventStatus.SUCCESS) .build(); } @Override public AuditMessage buildAuditMessageForFailure(AuditAction op, Map auditMap, Throwable throwable) { + return new AuditMessage.Builder() - .setUser((Server.getRemoteUser() == null) ? null : - Server.getRemoteUser().getUserName()) - .atIp((Server.getRemoteIp() == null) ? null : - Server.getRemoteIp().getHostAddress()) - .forOperation(op.getAction()) + .setUser(getRemoteUserName()) + .atIp(Server.getRemoteAddress()) + .forOperation(op) .withParams(auditMap) - .withResult(AuditEventStatus.FAILURE.toString()) + .withResult(AuditEventStatus.FAILURE) .withException(throwable) .build(); } diff --git a/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMDatanodeProtocolServer.java b/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMDatanodeProtocolServer.java index 530c0a6d238..f4d15d8cdce 100644 --- a/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMDatanodeProtocolServer.java +++ b/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMDatanodeProtocolServer.java @@ -1,4 +1,4 @@ -/** +/* * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license * agreements. See the NOTICE file distributed with this work for additional 
@@ -85,6 +85,7 @@ import static org.apache.hadoop.hdds.scm.events.SCMEvents.CONTAINER_REPORT; import static org.apache.hadoop.hdds.scm.events.SCMEvents.PIPELINE_REPORT; import static org.apache.hadoop.hdds.scm.server.StorageContainerManager.startRpcServer; +import static org.apache.hadoop.hdds.server.ServerUtils.getRemoteUserName; import static org.apache.hadoop.hdds.server.ServerUtils.updateRPCListenAddress; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -355,29 +356,26 @@ public void stop() { @Override public AuditMessage buildAuditMessageForSuccess( AuditAction op, Map auditMap) { + return new AuditMessage.Builder() - .setUser((Server.getRemoteUser() == null) ? null : - Server.getRemoteUser().getUserName()) - .atIp((Server.getRemoteIp() == null) ? null : - Server.getRemoteIp().getHostAddress()) - .forOperation(op.getAction()) + .setUser(getRemoteUserName()) + .atIp(Server.getRemoteAddress()) + .forOperation(op) .withParams(auditMap) - .withResult(AuditEventStatus.SUCCESS.toString()) - .withException(null) + .withResult(AuditEventStatus.SUCCESS) .build(); } @Override public AuditMessage buildAuditMessageForFailure(AuditAction op, Map auditMap, Throwable throwable) { + return new AuditMessage.Builder() - .setUser((Server.getRemoteUser() == null) ? null : - Server.getRemoteUser().getUserName()) - .atIp((Server.getRemoteIp() == null) ? null : - Server.getRemoteIp().getHostAddress()) - .forOperation(op.getAction()) + .setUser(getRemoteUserName()) + .atIp(Server.getRemoteAddress()) + .forOperation(op) .withParams(auditMap) - .withResult(AuditEventStatus.FAILURE.toString()) + .withResult(AuditEventStatus.FAILURE) .withException(throwable) .build(); } diff --git a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java index fa25a8c5cb1..eb20d895dc0 100644 
--- a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java +++ b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java @@ -189,6 +189,7 @@ import static org.apache.hadoop.hdds.HddsUtils.getScmAddressForClients; import static org.apache.hadoop.hdds.protocol.proto.HddsProtos.NodeState.HEALTHY; import static org.apache.hadoop.hdds.security.x509.certificates.utils.CertificateSignRequest.getEncodedString; +import static org.apache.hadoop.hdds.server.ServerUtils.getRemoteUserName; import static org.apache.hadoop.hdds.server.ServerUtils.updateRPCListenAddress; import static org.apache.hadoop.io.retry.RetryPolicies.retryUpToMaximumCountWithFixedSleep; import static org.apache.hadoop.ozone.OzoneConfigKeys.DFS_CONTAINER_RATIS_ENABLED_DEFAULT; 
@@ -2352,29 +2353,26 @@ public AuditLogger getAuditLogger() { @Override public AuditMessage buildAuditMessageForSuccess(AuditAction op, Map auditMap) { + return new AuditMessage.Builder() - .setUser((Server.getRemoteUser() == null) ? null : - Server.getRemoteUser().getUserName()) - .atIp((Server.getRemoteIp() == null) ? null : - Server.getRemoteIp().getHostAddress()) - .forOperation(op.getAction()) + .setUser(getRemoteUserName()) + .atIp(Server.getRemoteAddress()) + .forOperation(op) .withParams(auditMap) - .withResult(AuditEventStatus.SUCCESS.toString()) - .withException(null) + .withResult(AuditEventStatus.SUCCESS) .build(); } @Override public AuditMessage buildAuditMessageForFailure(AuditAction op, Map auditMap, Throwable throwable) { + return new AuditMessage.Builder() - .setUser((Server.getRemoteUser() == null) ? null : - Server.getRemoteUser().getUserName()) - .atIp((Server.getRemoteIp() == null) ? null : - Server.getRemoteIp().getHostAddress()) - .forOperation(op.getAction()) + .setUser(getRemoteUserName()) + .atIp(Server.getRemoteAddress()) + .forOperation(op) .withParams(auditMap) - .withResult(AuditEventStatus.FAILURE.toString()) + .withResult(AuditEventStatus.FAILURE) .withException(throwable) .build(); } diff --git a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/OMClientRequest.java b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/OMClientRequest.java index f8336b59e1b..cc95e5d462b 100644 --- a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/OMClientRequest.java +++ b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/OMClientRequest.java 
@@ -229,10 +229,10 @@ public AuditMessage buildAuditMessage(AuditAction op, return new AuditMessage.Builder() .setUser(userInfo != null ? userInfo.getUserName() : null) .atIp(userInfo != null ? userInfo.getRemoteAddress() : null) - .forOperation(op.getAction()) + .forOperation(op) .withParams(auditMap) - .withResult(throwable != null ? AuditEventStatus.FAILURE.toString() : - AuditEventStatus.SUCCESS.toString()) + .withResult(throwable != null ? AuditEventStatus.FAILURE : + AuditEventStatus.SUCCESS) .withException(throwable) .build(); }