EP Enterprise Edition integrates Enterprise Security with Enterprise Portal and includes an auditing feature that allows you to monitor user actions.You can configure auditing to:
Send notifications of audited events to a JMS message topic.
Direct the audit output to a file, a JDBC-compliant database, or a custom application.
Use a database connection cache to improve performance and scalability by allowing client connections to share open connections.
Refuse authorization and authentication requests if errors occur when an audit message is logged, such as when the file system is full.
Disable auditing in the case of an error, allowing users to continue to log in to the system.
In the portal, auditing is supported in both Portal Interface and Portal Studio and provides audit records for actions performed on protected resources, such as portlets and pages.
Portal audit asset types and access types are added into the Enterprise Security access control database (ACDB) during EP installation, so that Portal Studio users with the appropriate role can administer portal audit events.
Enterprise Portal uses the public Audit EJB
component—a stateless EJB similar to AuditSPI used
in Enterprise Security—in the portal framework to provide
control on what to audit.
You set up auditing in several places—in Enterprise Security, in Portal Studio, and in the portal global.properties.xml configuration file. This section describes in detail the changes you make to global.properties.xml to enable auditing in Portal Interface and Portal Studio. The procedures you perform in the Enterprise Security Manager are mentioned here for reference, and covered in detail in the Enterprise Security Administration Guide, Chapter 7, “Auditing.”
