xrootd
 All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
XrdAccAudit.hh
Go to the documentation of this file.
1 #ifndef __ACC_AUDIT__
2 #define __ACC_AUDIT__
3 /******************************************************************************/
4 /* */
5 /* X r d A c c A u d i t . h h */
6 /* */
7 /* (c) 2003 by the Board of Trustees of the Leland Stanford, Jr., University */
8 /* All Rights Reserved */
9 /* Produced by Andrew Hanushevsky for Stanford University under contract */
10 /* DE-AC02-76-SFO0515 with the Department of Energy */
11 /* */
12 /* This file is part of the XRootD software suite. */
13 /* */
14 /* XRootD is free software: you can redistribute it and/or modify it under */
15 /* the terms of the GNU Lesser General Public License as published by the */
16 /* Free Software Foundation, either version 3 of the License, or (at your */
17 /* option) any later version. */
18 /* */
19 /* XRootD is distributed in the hope that it will be useful, but WITHOUT */
20 /* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
21 /* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
22 /* License for more details. */
23 /* */
24 /* You should have received a copy of the GNU Lesser General Public License */
25 /* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
26 /* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
27 /* */
28 /* The copyright holder's institutional names and contributor's names may not */
29 /* be used to endorse or promote products derived from this software without */
30 /* specific prior written permission of the institution or contributor. */
31 /******************************************************************************/
32 
33 /******************************************************************************/
34 /* A u d i t _ O p t i o n s */
35 /******************************************************************************/
36 
41  };
42 
43 /******************************************************************************/
44 /* X r d A c c A u d i t */
45 /******************************************************************************/
46 
47 // This class is really meant to be replaced by anyone who care about auditing.
48 // Effective auditing is required to meet DOD class C security requirments.
49 
50 // This class should be placed in a shared library so that an installation can
51 // easily replace it and routine auditsdits as needed. We supply a brain-dead
52 // audit that simply issues a message:
53 // deny
54 // yymmdd hh:mm:ss acc_Audit: grant atype id@host opername path
55 
56 // Enabling/disabling is done via the method setAudit().
57 
58 // The external routine XrdAccAuditObject() returns the real audit object
59 // used by Access(). Developers should derive a class from this class and
60 // return the object of there choosing up-cast to this object. See the
61 // routine XrdAccAudit.C for the particulars.
62 
63 class XrdSysError;
64 
66 {
67 public:
68 
70  {return auditops & ops;}
71 
72 virtual void Deny(const char *opname,
73  const char *tident,
74  const char *atype,
75  const char *id,
76  const char *host,
77  const char *path);
78 
79 virtual void Grant(const char *opname,
80  const char *tident,
81  const char *atype,
82  const char *id,
83  const char *host,
84  const char *path);
85 
86 // setAudit() is used to set the auditing options: audit_none turns audit off
87 // (the default), audit_deny audit access denials, audit_grant audits access
88 // grants, and audit_all audits both. See XrdAccAudit.h for more information.
89 //
91 
93 virtual ~XrdAccAudit() {}
94 
95 private:
96 
99 };
100 
101 /******************************************************************************/
102 /* o o a c c _ A u d i t _ O b j e c t */
103 /******************************************************************************/
104 
106 
107 #endif
Definition: XrdAccAudit.hh:39
Definition: XrdAccAudit.hh:65
virtual void Grant(const char *opname, const char *tident, const char *atype, const char *id, const char *host, const char *path)
int Auditing(const XrdAccAudit_Options ops=audit_all)
Definition: XrdAccAudit.hh:69
XrdSysError * mDest
Definition: XrdAccAudit.hh:98
virtual void Deny(const char *opname, const char *tident, const char *atype, const char *id, const char *host, const char *path)
XrdAccAudit * XrdAccAuditObject(XrdSysError *erp)
Definition: XrdSysError.hh:89
XrdAccAudit_Options auditops
Definition: XrdAccAudit.hh:97
virtual ~XrdAccAudit()
Definition: XrdAccAudit.hh:93
Definition: XrdAccAudit.hh:37
Definition: XrdAccAudit.hh:38
Definition: XrdAccAudit.hh:40
XrdAccAudit(XrdSysError *erp)
void setAudit(XrdAccAudit_Options aops)
Definition: XrdAccAudit.hh:90
XrdAccAudit_Options
Definition: XrdAccAudit.hh:37