com.ibm.jzos
Class Rauditx

java.lang.Object
  extended by com.ibm.jzos.Rauditx

public class Rauditx
extends java.lang.Object

A JNI Wrapper for r_auditx, IRRSAX00 and IRRSAX64.

Refer to "z/OS Security Server RACF Callable Services" - SA22-7691 for more information on writing SMF 83 audit records via r_auditx.

Note: In order to use this facility, the calling userid must have READ authority to the IRR.RAUDITX profile in the FACILITY class. To define and provide this authority, issue the following:

 RDEFINE FACILITY IRR.RAUDITX UACC(NONE)
 PERMIT IRR.RAUDITX CLASS(FACILITY) ID(<userid>) ACCESS(READ)
 SETROPTS RACLIST(FACILITY) REFRESH
 

See Also:
RauditxParameters, RauditxMessageHeader, RauditxRelocateHeader, RauditxException

Field Summary
static long ATTR_ALWAYS_LOG_FAILURES
           
static long ATTR_ALWAYS_LOG_SUCCESSES
           
static long ATTR_AUTHENTICATION_EVENT
           
static long ATTR_AUTHORIZATION_EVENT
           
static long ATTR_CHECK_WARNING_MODE
           
static long ATTR_EVENT_FAILURE
          Attribute word bit values
static long ATTR_EVENT_SUCCESS
           
static long ATTR_NEVER_LOG_FAILURES
           
static long ATTR_NEVER_LOG_SUCCESSES
           
 
Constructor Summary
Rauditx()
          Construct an instance
 
Method Summary
 void addMessageSegment(java.lang.String message)
          Add a message to be written to the console on Event Failure.
 void addRelocateSection(int type, byte[] data)
          Add a relocate section to be written with the generated SMF 83 type record.
 void addRelocateSection(int type, java.lang.String string)
          Add a relocate section to be written with the generated SMF 83 type record.
 void issue()
          Issue the call to the R_auditx callable service.
 void setAlwaysLogFailures()
          Set the callable service to always log failures.
 void setAlwaysLogSuccesses()
          Set the callable service to always log successes.
 void setAttributes(long attributeBits)
          Set the Attribute flag word with the supplied bit mask.
 void setAuthenticationEvent()
          Set the event type to Authentication.
 void setAuthorizationEvent()
          Set the event type to Authorization.
 void setCheckWarningMode()
          Set the callable service check warning mode.
 void setComponent(java.lang.String component)
          Set the component name (Required).
 void setEvent(int event)
          Set the event code (Required).
 void setEventFailure()
          Set the Event Result to failure.
 void setEventSuccess()
          Set the Event Result to success.
 void setFmid(java.lang.String fmid)
          Set the FMID of the product or component.
 void setIgnoreSuccessWithNoAuditLogRecord(boolean ignoreSuccessWithNoAuditLogRecord)
          Sets a flag to not throw an exception when the R_auditx callable service is successful, but no audit record is logged.
 void setLinkValue(byte[] bytes)
          Set the link value, used to correlate SMF records.
 void setLinkValue(java.lang.String string)
          Set the link value, used to correlate SMF records.
 void setLogString(java.lang.String logString)
          Sets the log string - character data to be written with the audit information.
 void setNeverLogFailures()
          Set the callable service to never log failures.
 void setNeverLogSuccesses()
          Set the callable service to never log successes.
 void setQualifier(int qualifier)
          Sets the Event Code Qualifier.
 void setRacfClass(java.lang.String racfClass)
          Set the RACF class name.
 void setResource(java.lang.String resource)
          Sets the resource name covered by a profile defined in the RACF class specified by setRacfClass(String).
 void setSubtype(int subtype)
          Sets the SMF type 83 record subtype assigned to the component (Required).
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ATTR_EVENT_FAILURE

public static final long ATTR_EVENT_FAILURE
Attribute word bit values

See Also:
Constant Field Values

ATTR_EVENT_SUCCESS

public static final long ATTR_EVENT_SUCCESS
See Also:
Constant Field Values

ATTR_AUTHENTICATION_EVENT

public static final long ATTR_AUTHENTICATION_EVENT
See Also:
Constant Field Values

ATTR_AUTHORIZATION_EVENT

public static final long ATTR_AUTHORIZATION_EVENT
See Also:
Constant Field Values

ATTR_ALWAYS_LOG_SUCCESSES

public static final long ATTR_ALWAYS_LOG_SUCCESSES
See Also:
Constant Field Values

ATTR_ALWAYS_LOG_FAILURES

public static final long ATTR_ALWAYS_LOG_FAILURES
See Also:
Constant Field Values

ATTR_NEVER_LOG_SUCCESSES

public static final long ATTR_NEVER_LOG_SUCCESSES
See Also:
Constant Field Values

ATTR_NEVER_LOG_FAILURES

public static final long ATTR_NEVER_LOG_FAILURES
See Also:
Constant Field Values

ATTR_CHECK_WARNING_MODE

public static final long ATTR_CHECK_WARNING_MODE
See Also:
Constant Field Values

Constructor Detail

Rauditx

public Rauditx()
Construct an instance

Method Detail

setAttributes

public void setAttributes(long attributeBits)
Set the Attribute flag word with the supplied bit mask. This is a general-purpose method to be used with the ATTR_* bit values. Specific helper methods are also available (e.g. setAuthenticationEvent()).

Parameters:
attributeBits - the attribute bit mask

setEventSuccess

public void setEventSuccess()
Set the Event Result to success.


setEventFailure

public void setEventFailure()
Set the Event Result to failure.


setAuthorizationEvent

public void setAuthorizationEvent()
Set the event type to Authorization. Use logging defaults for authorization events described in "Security Server RACF Callable Services: Usage Notes".

Supersedes any previous call to setAuthenticationEvent(), which is mutually exclusive.


setAuthenticationEvent

public void setAuthenticationEvent()
Set the event type to Authentication. Use logging defaults for authentication events described in "Security Server RACF Callable Services: Usage Notes".

Supersedes any previous call to setAuthorizationEvent(), which is mutually exclusive.


setAlwaysLogSuccesses

public void setAlwaysLogSuccesses()
Set the callable service to always log successes.

Supersedes any previous call to setNeverLogSuccesses(), which is mutually exclusive.


setNeverLogSuccesses

public void setNeverLogSuccesses()
Set the callable service to never log successes.

Supersedes any previous call to setAlwaysLogSuccesses() and setNeverLogFailures(), which are mutually exclusive.


setAlwaysLogFailures

public void setAlwaysLogFailures()
Set the callable service to always log failures.

Supersedes any previous call to setNeverLogFailures(), which is mutually exclusive.


setNeverLogFailures

public void setNeverLogFailures()
Set the callable service to never log failures.

Supersedes any previous call to setAlwaysLogFailures() and setNeverLogSuccesses(), which are mutually exclusive.


setCheckWarningMode

public void setCheckWarningMode()
Set the callable service check warning mode. See "Security Server RACF Callable Services: Usage Notes" for more information.


setRacfClass

public void setRacfClass(java.lang.String racfClass)
Set the RACF class name. The class cannot be USER, GROUP or DATASET. It must be active and RACLISTed.

Parameters:
racfClass - String between 1 and 8 bytes

setComponent

public void setComponent(java.lang.String component)
Set the component name (Required).

Parameters:
component - a String between 1 and 255 characters.
Throws:
java.lang.IllegalArgumentException

setEvent

public void setEvent(int event)
Set the event code (Required).

Parameters:
event - the event code int between 1 and 255
Throws:
java.lang.IllegalArgumentException

setFmid

public void setFmid(java.lang.String fmid)
Set the FMID of the product or component.

Parameters:
fmid - a 7 character FMID.
Throws:
java.lang.IllegalArgumentException

setIgnoreSuccessWithNoAuditLogRecord

public void setIgnoreSuccessWithNoAuditLogRecord(boolean ignoreSuccessWithNoAuditLogRecord)
Sets a flag to not throw an exception when the R_auditx callable service is successful, but no audit record is logged.

Parameters:
ignoreSuccessWithNoAuditLogRecord -

setLinkValue

public void setLinkValue(byte[] bytes)
Set the link value, used to correlate SMF records. Since a single event may result in multiple calls to R_auditx for logging, this field can be used to link associated records.

Parameters:
bytes - an 8 byte link value
Throws:
java.lang.IllegalArgumentException

setLinkValue

public void setLinkValue(java.lang.String string)
Set the link value, used to correlate SMF records. Since a single event may result in multiple calls to R_auditx for logging, this field can be used to link associated records. Convenience method to accept a String rather than a byte array.

Parameters:
string - a 1 to 8 character link value
Throws:
java.lang.IllegalArgumentException

setLogString

public void setLogString(java.lang.String logString)
Sets the log string - character data to be written with the audit information.

Parameters:
logString - a String between 1 and 255 characters.
Throws:
java.lang.IllegalArgumentException

setQualifier

public void setQualifier(int qualifier)
Sets the Event Code Qualifier.

Parameters:
qualifier - the event code qualifier int between 0 and 255
Throws:
java.lang.IllegalArgumentException

setResource

public void setResource(java.lang.String resource)
Sets the resource name covered by a profile defined in the RACF class specified by setRacfClass(String). Note that the resource name is case sensitive.

Parameters:
resource - a String between 1 and 246 characters
Throws:
java.lang.IllegalArgumentException

setSubtype

public void setSubtype(int subtype)
Sets the SMF type 83 record subtype assigned to the component (Required).

Parameters:
subtype - an int between 2 and 32767
Throws:
java.lang.IllegalArgumentException

addMessageSegment

public void addMessageSegment(java.lang.String message)
Add a message to be written to the console on Event Failure. The first message segment added should begin with a component message identifier of 15 characters or less.

Parameters:
message - a String between 1 and 70 characters
Throws:
java.lang.IllegalArgumentException

addRelocateSection

public void addRelocateSection(int type,
                               byte[] data)
Add a relocate section to be written with the generated SMF 83 type record.

Parameters:
type - the relocate section type between 100 and 65535.
data - the relocate data
Throws:
java.lang.IllegalArgumentException

addRelocateSection

public void addRelocateSection(int type,
                               java.lang.String string)
Add a relocate section to be written with the generated SMF 83 type record. Convenience method to accept a String rather than a byte array.

Parameters:
type - the relocate section type between 100 and 65535.
string - the relocate data
Throws:
java.lang.IllegalArgumentException

issue

public void issue()
           throws RauditxException
Issue the call to the R_auditx callable service.

Throws:
RauditxException - if the callable service returns a non-zero return tuple. See "Security Server RACF Callable Services: Return and reason codes" for more information.
java.lang.IllegalStateException - if the instance has not been initialized properly prior to calling this method.
See Also:
setIgnoreSuccessWithNoAuditLogRecord(boolean) to suppress this exception in cases where the call was successful, but no audit record was written.
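
Usage example, added here and not part of the IBM documentation: recording a denied authorization as an SMF 83 record using only the methods listed on this page. The component name, subtype, event code, qualifier, relocate types, message identifier and sample values are hypothetical placeholders chosen inside the documented ranges.

```java
import com.ibm.jzos.Rauditx;
import com.ibm.jzos.RauditxException;

public class AuditDeniedAccess {
    // Hypothetical values chosen inside the ranges this page documents;
    // a real component uses its own assigned subtype, event code and relocate types.
    static final int SUBTYPE = 2;        // 2..32767
    static final int EVENT_DENIED = 1;   // 1..255
    static final int QUALIFIER = 1;      // 0..255
    static final int RELOC_USER = 100;   // 100..65535
    static final int RELOC_SOURCE = 101;

    /** Clamp caller-supplied text to a documented maximum length. */
    static String clamp(String s, int max) {
        return s.length() <= max ? s : s.substring(0, max);
    }

    static void auditDenied(String user, String source, String resource, String linkId)
            throws RauditxException {
        Rauditx audit = new Rauditx();
        audit.setComponent("EXAMPLE-APP");        // required
        audit.setSubtype(SUBTYPE);                // required
        audit.setEvent(EVENT_DENIED);             // required
        audit.setQualifier(QUALIFIER);
        audit.setAuthorizationEvent();
        audit.setEventFailure();
        audit.setAlwaysLogFailures();             // do not let a denial go unrecorded
        audit.setRacfClass("FACILITY");           // class must be active and RACLISTed
        audit.setResource(clamp(resource, 246));  // case sensitive, 1..246 characters
        audit.setLinkValue(clamp(linkId, 8));     // same value on every related record
        audit.setLogString(clamp("access denied for " + user, 255));
        audit.addRelocateSection(RELOC_USER, user);
        audit.addRelocateSection(RELOC_SOURCE, source);
        // First segment starts with a message identifier of 15 characters or less.
        audit.addMessageSegment(clamp("EXAMPL001E Access denied: " + user, 70));
        // Passing false keeps the exception, so a call that succeeds without
        // writing an audit record is reported instead of passing silently.
        audit.setIgnoreSuccessWithNoAuditLogRecord(false);
        audit.issue();
    }

    public static void main(String[] args) {
        try {
            auditDenied("USER01", "198.51.100.7", "EXAMPLE.APP.RESOURCE", "REQ00001");
        } catch (RauditxException e) {
            System.err.println("R_auditx failed: " + e);
        }
    }
}
```

The calling userid needs the READ authority to IRR.RAUDITX described at the top of this page, and an empty argument still raises IllegalArgumentException because clamp only enforces the upper bounds.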