...

Currently, SecurityAuthenticationHttpHandler already audit logs each request. For each incoming request, we log the clientIP, the URL from the HTTPRequest, and the responseCode from the HTTPResponse. To log the request body or response body, we annotate the RESTful endpoint methods with a new custom annotation, AuditPolicy, such as:

```java
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

/**
 * Annotates a RESTful endpoint method to indicate which content needs to be audit logged.
 */
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface AuditPolicy {

  // Whether the request body is audit logged; off unless the endpoint opts in.
  boolean requestBody() default false;

  // Whether the response body is audit logged; off unless the endpoint opts in.
  boolean responseBody() default false;
}
```
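The following is an added example, not the project's own code, showing how a handler could read AuditPolicy by reflection and log bodies only for endpoints that opt in. The endpoint class, `auditLine`, `singleLine`, and all sample values are hypothetical, and the CR/LF escaping is an assumption added here so a logged body cannot forge extra audit entries.

```java
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.lang.reflect.Method;

public class AuditPolicyDemo {
  @Retention(RetentionPolicy.RUNTIME)
  @Target(ElementType.METHOD)
  @interface AuditPolicy {
    boolean requestBody() default false;
    boolean responseBody() default false;
  }

  // Hypothetical endpoints; the names are illustrative only.
  static class NamespaceEndpoints {
    @AuditPolicy(requestBody = true)
    public void createNamespace() { }
    public void listNamespaces() { }   // no annotation: bodies are never logged
  }

  // Always logs clientIP, URL and response code; bodies only when the policy opts in.
  static String auditLine(Method endpoint, String clientIp, String url, int responseCode,
                          String requestBody, String responseBody) {
    AuditPolicy policy = endpoint.getAnnotation(AuditPolicy.class);
    StringBuilder line = new StringBuilder()
        .append(clientIp).append(' ').append(url).append(' ').append(responseCode);
    if (policy != null && policy.requestBody()) {
      line.append(" request=").append(singleLine(requestBody));
    }
    if (policy != null && policy.responseBody()) {
      line.append(" response=").append(singleLine(responseBody));
    }
    return line.toString();
  }

  // Escapes CR/LF so a body stays on one audit line (assumption, not on the page).
  static String singleLine(String body) {
    return body == null ? "" : body.replace("\r", "\\r").replace("\n", "\\n");
  }

  public static void main(String[] args) throws Exception {
    // Constructed sample values; the body embeds a newline to show the escaping.
    String body = "{\"name\":\"ns1\"}\n192.0.2.99 /forged 200";
    for (String name : new String[] {"createNamespace", "listNamespaces"}) {
      Method m = NamespaceEndpoints.class.getMethod(name);
      System.out.println(auditLine(m, "192.0.2.10", "/example/namespaces/ns1", 200, body, "OK"));
    }
  }
}
```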

...