Auditing notifications are sent to a JMS message topic in your application server.
Setting up JMS auditing notifications for EAServer
In your application server, enable JMS support—see Chapter 8, “Setting up the Message Service,” in the EAServer System Administration Guide, and follow these steps:
In Jaguar Manager, configure the message service, and select a database for persistent storage of JMS messages.
Create a configured topic called “AuditTopic.”
The Enterprise Security installation defines a resource environment reference in the com.sybase.ep.security.audit\SecureAuditWriter bean that points to a JMS topic called AuditTopic. To use another name for the topic, change the name of the jms/AuditTopic resource environment reference in the com.sybase.ep.security.audit\SecureAuditWriter bean.
To direct auditing information to the JMS topic, use one of these tools to set the value of auditJMSEnable to true for each domain in which you want to enable notifications:
Enterprise Security Manager—see “Configuring general properties for a security domain”.
securetool—see domainrules.
Restart EAServer for the changes to take effect.
Setting up JMS auditing notifications for WebLogic
In your WebLogic application server, enable JMS support, select a database for persistent storage of JMS messages, and create a configured audit topic—see your BEA documentation.
Using a text editor, open the weblogic-ejb-jar.xml file, located in the sybepsecurity/sybepsecurity.ear.exploded/com.sybase.ep.security.audit.jar/META-INF subdirectory of your WebLogic installation.
Find the “resource-env-description” block of code, which is commented out. Uncomment it, and replace “jms.AuditTopic” with the JNDI name of the audit topic you created.
Save and close the file.
In the same directory, open the ejb-jar.xml file.
Find the “resource-env-ref” block of code, which is commented out, and uncomment it.
Save and close the file.
Restart your application server for the changes to take effect.
If you enable auditing notifications for a domain, all audited messages are sent to the JMS topic. To receive messages, write a message-driven bean (MDB) that listens for messages on the audit topic. You can find a sample MDB in the SECURITY/samples/src/samples/audit directory.
Each JMS message is an instance of a javax.jms.TextMessage; the text portion is the XML audit record that is sent to the primary auditing destination. The following message properties are initialized, which enable you to filter the messages that are sent to your JMS topic:
Message property | Datatype |
---|---|
ResourceClass | String |
Action | String |
Decision (can be unspecified) | Boolean |
If you are using EAServer, you can filter the messages sent to the audit topic by creating message selectors—see Chapter 8, “Setting up the Message Service,” in the EAServer System Administration Guide. If you are using WebLogic, see your BEA documentation.
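The listener described above, as an added example; it is not the sample MDB shipped in SECURITY/samples and not Sybase code. It assumes an EJB 2.x container; the class name AuditAlertBean and the logger name are hypothetical, and only the three property names come from the table above.

```java
import java.util.logging.Logger;
import javax.ejb.MessageDrivenBean;
import javax.ejb.MessageDrivenContext;
import javax.jms.JMSException;
import javax.jms.Message;
import javax.jms.MessageListener;
import javax.jms.TextMessage;

// Hypothetical MDB bound to the audit topic. A JMS selector such as
// "Decision = FALSE" (configured as your container documents) would
// restrict delivery to records whose Decision property is false.
public class AuditAlertBean implements MessageDrivenBean, MessageListener {
    private static final Logger LOG = Logger.getLogger("audit.alert");
    private MessageDrivenContext ctx;

    public void setMessageDrivenContext(MessageDrivenContext c) { ctx = c; }
    public void ejbCreate() { }
    public void ejbRemove() { }

    public void onMessage(Message msg) {
        try {
            if (!(msg instanceof TextMessage)) {
                LOG.warning("Non-text message on audit topic: " + msg.getClass().getName());
                return;
            }
            String resourceClass = clean(msg.getStringProperty("ResourceClass"));
            String action = clean(msg.getStringProperty("Action"));
            // Decision can be unspecified. getBooleanProperty() returns false
            // for a property that was never set, so test propertyExists()
            // first or an undecided record is misread as Decision=false.
            String decision = !msg.propertyExists("Decision") ? "unspecified"
                    : String.valueOf(msg.getBooleanProperty("Decision"));
            String xml = ((TextMessage) msg).getText(); // the XML audit record
            LOG.info("audit resourceClass=" + resourceClass + " action=" + action
                    + " decision=" + decision
                    + " recordChars=" + (xml == null ? 0 : xml.length()));
        } catch (JMSException e) {
            LOG.severe("Could not read audit message: " + e);
        }
    }

    // Property values originate from audited requests; strip line breaks so
    // a crafted value cannot forge extra entries in the log.
    private static String clean(String s) {
        return s == null ? "-" : s.replaceAll("[\\r\\n]", "_");
    }
}
```

If you go on to parse the XML audit record, treat it as untrusted input and disable DTD and external-entity processing in the parser.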