View
215
Download
0
Category
Preview:
Citation preview
aDeNu Research Group http://adenu.ia.uned.es
The Tracking and Auditing Module for the OpenACS Framework
Jorge Couchet - Olga Santos - Emmanuelle Raffenne - Jesús Boticario
CONTENTS
• Tracking and Auditing Services• Overall Architecture• Data Model• TAM Components
– Tracking Service– Auditing Service– JASPER server– Service contract
• Conclusions
Tracking and Auditing Services
Goal is to record ACTIONS performed by USERS on OBJECTS
• Auditing– To set which OBJECTS to track– To define the set of extra data to be recorded
(+knowledge)– Semantic Processing of the recorded data
• Tracking– Recording (no knowledge at this level)
Tracking and Auditing Services
OVERALL ARCHITECTURE
Data Model
• Event = The objects and the data to be tracked– Definition (regular expression matching URL)– Command templates– Live Commands (command instances)– Contexts (where to apply which command)
• Event associated to a package instance• Event definitions are stored in the CR
Data Model
n 1
n
1
1
n
CR_TAM_CMD_TMPLS_DEF - command def
- package type (apm_packages)- command id - meaning
- state (pending|approved|unapproved)
CR_TAM_EVENTS_DEF - event def
- package id - state
CR_TAM_CMDS_DEF- state
CR_TAM_CTXS_DEF- context def
n
1
TAM ComponentsTRACKING SERVICE
• Recording (memory → nsv)– AOLServer FILTERS
• Pre-authorization filter: tam_preauth (get the timestamp for connection duration)
• Trace filter: tam_trace
• Saving data (dump to TAM log file)– AOLServer scheduled procedures
• tam_events_write
TAM ComponentsTRACKING SERVICE
TAM ComponentsAUDITING SERVICES
• Administration:– Permissions– Work with Command Templates– Event definition for a Package Instance– Reload the TAM structures
• Auditor:– Register an Event for a package instance– Reload the TAM structures– UI for reports service
TAM ComponentsJASPER SERVER
• Java server
• Main characteristics:– Work threads pool– Database thread pool– Access to the JasperReports tools
TAM ComponentsJASPER SERVER
TAM ComponentsSERVICE CONTRACT
• Contract Name: PackageEvents• Operation: SetEvents
– Package key– Command Template Definition
• cmd_idCMD_IDcmd_name argsMNG_CMDdescription• The keyword PKG_CMD separate commands• Example:
– c1CMD_IDad_conn user_idMNG_CMDThe user's identification in the systemPKG_CMDc2CMD_IDclock secondsMNG_CMDThe time in seconds
Conclusions
• Enables tracking and auditing– on package instance level– client package decides what to track and how
• Questions:– How to track changes in the DB? (old
table_audit kind of thing)– Is there a better way to anticipate/extract
knowledge from the client-package? (not through commands)
Thank You !
Recommended