Class SecurityTracing


  • public final class SecurityTracing
    extends Object
    Security integration utility for tracing support in integration components.
    • Method Detail

      • get

        public static SecurityTracing get()
        Get an instance from the current Context or create a new instance and start the security span.
        Returns:
        existing or a new tracing instance to be used for tracing security events
      • securityContext

        public void securityContext​(SecurityContext context)
        Update security span with information from SecurityContext. The context is expected to be unauthenticated and unauthorized. This method should be called as soon as possible to provide correlation to log statements.
        Parameters:
        context - security context for this request
      • logProceed

        public void logProceed()
        Log security status - proceed. This should be logged when security allows further processing of the request.
      • logDeny

        public void logDeny()
        Log security status - deny. This should be logged when security denies further processing of the request.
      • atnTracing

        public AtnTracing atnTracing()
        Create a tracing span for authentication.
        Returns:
        authentication tracing
      • roleMapTracing

        public RoleMapTracing roleMapTracing​(String id)
        Create a tracing pan for a role mapper.
        Parameters:
        id - role mapper identification (such as idcs)
        Returns:
        role mapper tracing (each invocation creates a new instance)
      • atzTracing

        public AtzTracing atzTracing()
        Create a tracing span for authorization.
        Returns:
        authorization tracing
      • outboundTracing

        public OutboundTracing outboundTracing()
        Create a tracing span for outbound tracing. Each invocation of this method returns a new tracing instance (to support multiple outbound calls).
        Returns:
        outbound security tracing
      • responseTracing

        public ResponseTracing responseTracing()
        Create a tracing span for response.
        Returns:
        response security tracing
      • finish

        public void finish()
        Finish the span.
      • error

        public void error​(String message)
        Log error and finish the span.
        Parameters:
        message - log this message as the cause of failure
      • error

        public void error​(Throwable throwable)
        Log error and finish the span.
        Parameters:
        throwable - throwable causing security to fail
      • findParent

        public Optional<SpanContext> findParent()
        Find closes parent span context.
        Returns:
        span context if found
      • findParentSpan

        @Deprecated
        public Optional<Span> findParentSpan()
        Deprecated.
        will be removed once security context works with SpanContext. Needed for backward compatibility
        Find closes parent span.
        Returns:
        span context if found
      • logStatus

        public void logStatus​(SecurityResponse.SecurityStatus status)
        Log response status. This is to be used by authorization, authentication and outbound security. Top level security only traces proceed or deny.
        Parameters:
        status - status to log