ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From stoa...@apache.org
Subject [1/7] ambari git commit: AMBARI-15241. Basic Operational Audit Logging. (Daniel Gergely via stoader)
Date Wed, 30 Mar 2016 19:51:15 GMT
Repository: ambari
Updated Branches:
  refs/heads/trunk b197a6f6e -> 46a34ccde


http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/audit/request/DefaultEventCreatorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/audit/request/DefaultEventCreatorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/DefaultEventCreatorTest.java
new file mode 100644
index 0000000..5c23059
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/DefaultEventCreatorTest.java
@@ -0,0 +1,515 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * <p/>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p/>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.audit.request;
+
+import junit.framework.Assert;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.security.Principal;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.servlet.AsyncContext;
+import javax.servlet.DispatcherType;
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.ServletInputStream;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import javax.servlet.http.HttpUpgradeHandler;
+import javax.servlet.http.Part;
+
+import org.apache.ambari.server.api.query.QueryImpl;
+import org.apache.ambari.server.api.resources.HostComponentResourceDefinition;
+import org.apache.ambari.server.api.resources.ResourceInstance;
+import org.apache.ambari.server.api.services.LocalUriInfo;
+import org.apache.ambari.server.api.services.Request;
+import org.apache.ambari.server.api.services.RequestBody;
+import org.apache.ambari.server.api.services.RequestFactory;
+import org.apache.ambari.server.api.services.Result;
+import org.apache.ambari.server.api.services.ResultImpl;
+import org.apache.ambari.server.api.services.ResultStatus;
+import org.apache.ambari.server.audit.request.eventcreator.DefaultEventCreator;
+import org.apache.ambari.server.controller.spi.Resource;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+public class DefaultEventCreatorTest {
+
+  private DefaultEventCreator defaultEventCreator;
+  private RequestFactory requestFactory = new RequestFactory();
+
+  @BeforeClass
+  public static void beforeClass() {
+    SecurityContextHolder.setContext(new SecurityContext() {
+      @Override
+      public Authentication getAuthentication() {
+        return new Authentication() {
+          @Override
+          public Collection<? extends GrantedAuthority> getAuthorities() {
+            return null;
+          }
+
+          @Override
+          public Object getCredentials() {
+            return null;
+          }
+
+          @Override
+          public Object getDetails() {
+            return null;
+          }
+
+          @Override
+          public Object getPrincipal() {
+            return new User("testuser", "password", Collections.EMPTY_LIST);
+          }
+
+          @Override
+          public boolean isAuthenticated() {
+            return true;
+          }
+
+          @Override
+          public void setAuthenticated(boolean b) throws IllegalArgumentException {
+
+          }
+
+          @Override
+          public String getName() {
+            return null;
+          }
+        };
+      }
+
+      @Override
+      public void setAuthentication(Authentication authentication) {
+
+      }
+    });
+
+    setHttpRequest();
+  }
+
+  private static void setHttpRequest() {
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(new HttpServletRequest() {
+      @Override
+      public String getAuthType() {
+        return null;
+      }
+
+      @Override
+      public javax.servlet.http.Cookie[] getCookies() {
+        return new javax.servlet.http.Cookie[0];
+      }
+
+      @Override
+      public long getDateHeader(String s) {
+        return 0;
+      }
+
+      @Override
+      public String getHeader(String s) {
+        return null;
+      }
+
+      @Override
+      public Enumeration<String> getHeaders(String s) {
+        return null;
+      }
+
+      @Override
+      public Enumeration<String> getHeaderNames() {
+        return null;
+      }
+
+      @Override
+      public int getIntHeader(String s) {
+        return 0;
+      }
+
+      @Override
+      public String getMethod() {
+        return null;
+      }
+
+      @Override
+      public String getPathInfo() {
+        return null;
+      }
+
+      @Override
+      public String getPathTranslated() {
+        return null;
+      }
+
+      @Override
+      public String getContextPath() {
+        return null;
+      }
+
+      @Override
+      public String getQueryString() {
+        return null;
+      }
+
+      @Override
+      public String getRemoteUser() {
+        return null;
+      }
+
+      @Override
+      public boolean isUserInRole(String s) {
+        return false;
+      }
+
+      @Override
+      public Principal getUserPrincipal() {
+        return null;
+      }
+
+      @Override
+      public String getRequestedSessionId() {
+        return null;
+      }
+
+      @Override
+      public String getRequestURI() {
+        return null;
+      }
+
+      @Override
+      public StringBuffer getRequestURL() {
+        return null;
+      }
+
+      @Override
+      public String getServletPath() {
+        return null;
+      }
+
+      @Override
+      public HttpSession getSession(boolean b) {
+        return null;
+      }
+
+      @Override
+      public HttpSession getSession() {
+        return null;
+      }
+
+      @Override
+      public String changeSessionId() {
+        return null;
+      }
+
+      @Override
+      public boolean isRequestedSessionIdValid() {
+        return false;
+      }
+
+      @Override
+      public boolean isRequestedSessionIdFromCookie() {
+        return false;
+      }
+
+      @Override
+      public boolean isRequestedSessionIdFromURL() {
+        return false;
+      }
+
+      @Override
+      public boolean isRequestedSessionIdFromUrl() {
+        return false;
+      }
+
+      @Override
+      public boolean authenticate(HttpServletResponse httpServletResponse) throws IOException, ServletException {
+        return false;
+      }
+
+      @Override
+      public void login(String s, String s1) throws ServletException {
+
+      }
+
+      @Override
+      public void logout() throws ServletException {
+
+      }
+
+      @Override
+      public Collection<Part> getParts() throws IOException, ServletException {
+        return null;
+      }
+
+      @Override
+      public Part getPart(String s) throws IOException, ServletException {
+        return null;
+      }
+
+      @Override
+      public <T extends HttpUpgradeHandler> T upgrade(Class<T> aClass) throws IOException, ServletException {
+        return null;
+      }
+
+      @Override
+      public Object getAttribute(String s) {
+        return null;
+      }
+
+      @Override
+      public Enumeration<String> getAttributeNames() {
+        return null;
+      }
+
+      @Override
+      public String getCharacterEncoding() {
+        return null;
+      }
+
+      @Override
+      public void setCharacterEncoding(String s) throws UnsupportedEncodingException {
+
+      }
+
+      @Override
+      public int getContentLength() {
+        return 0;
+      }
+
+      @Override
+      public long getContentLengthLong() {
+        return 0;
+      }
+
+      @Override
+      public String getContentType() {
+        return null;
+      }
+
+      @Override
+      public ServletInputStream getInputStream() throws IOException {
+        return null;
+      }
+
+      @Override
+      public String getParameter(String s) {
+        return null;
+      }
+
+      @Override
+      public Enumeration<String> getParameterNames() {
+        return null;
+      }
+
+      @Override
+      public String[] getParameterValues(String s) {
+        return new String[0];
+      }
+
+      @Override
+      public Map<String, String[]> getParameterMap() {
+        return null;
+      }
+
+      @Override
+      public String getProtocol() {
+        return null;
+      }
+
+      @Override
+      public String getScheme() {
+        return null;
+      }
+
+      @Override
+      public String getServerName() {
+        return null;
+      }
+
+      @Override
+      public int getServerPort() {
+        return 0;
+      }
+
+      @Override
+      public BufferedReader getReader() throws IOException {
+        return null;
+      }
+
+      @Override
+      public String getRemoteAddr() {
+        return "1.2.3.4";
+      }
+
+      @Override
+      public String getRemoteHost() {
+        return null;
+      }
+
+      @Override
+      public void setAttribute(String s, Object o) {
+
+      }
+
+      @Override
+      public void removeAttribute(String s) {
+
+      }
+
+      @Override
+      public Locale getLocale() {
+        return null;
+      }
+
+      @Override
+      public Enumeration<Locale> getLocales() {
+        return null;
+      }
+
+      @Override
+      public boolean isSecure() {
+        return false;
+      }
+
+      @Override
+      public RequestDispatcher getRequestDispatcher(String s) {
+        return null;
+      }
+
+      @Override
+      public String getRealPath(String s) {
+        return null;
+      }
+
+      @Override
+      public int getRemotePort() {
+        return 0;
+      }
+
+      @Override
+      public String getLocalName() {
+        return null;
+      }
+
+      @Override
+      public String getLocalAddr() {
+        return null;
+      }
+
+      @Override
+      public int getLocalPort() {
+        return 0;
+      }
+
+      @Override
+      public ServletContext getServletContext() {
+        return null;
+      }
+
+      @Override
+      public AsyncContext startAsync() throws IllegalStateException {
+        return null;
+      }
+
+      @Override
+      public AsyncContext startAsync(ServletRequest servletRequest, ServletResponse servletResponse) throws IllegalStateException {
+        return null;
+      }
+
+      @Override
+      public boolean isAsyncStarted() {
+        return false;
+      }
+
+      @Override
+      public boolean isAsyncSupported() {
+        return false;
+      }
+
+      @Override
+      public AsyncContext getAsyncContext() {
+        return null;
+      }
+
+      @Override
+      public DispatcherType getDispatcherType() {
+        return null;
+      }
+    }));
+  }
+
+  @Before
+  public void before() {
+    defaultEventCreator = new DefaultEventCreator();
+  }
+
+  @Test
+  public void defaultEventCreatorTest__okWithMessage() {
+    ResourceInstance resource = new QueryImpl(new HashMap<Resource.Type, String>(), new HostComponentResourceDefinition(), null);
+    Request request =  requestFactory.createRequest(null, new RequestBody(), new LocalUriInfo("http://apache.org"), Request.Type.POST, resource);
+    Result result = new ResultImpl(new ResultStatus(ResultStatus.STATUS.OK, "message"));
+
+    String actual = defaultEventCreator.createAuditEvent(request, result).getAuditMessage();
+    String expected = "User(testuser), RemoteIp(1.2.3.4), RequestType(POST), url(http://apache.org), ResultStatus(200 OK)";
+    Assert.assertEquals(expected, actual);
+  }
+
+  @Test
+  public void defaultEventCreatorTest__errorWithMessage() {
+    ResourceInstance resource = new QueryImpl(new HashMap<Resource.Type, String>(), new HostComponentResourceDefinition(), null);
+    Request request =  requestFactory.createRequest(null, new RequestBody(), new LocalUriInfo("http://apache.org"), Request.Type.POST, resource);
+    Result result = new ResultImpl(new ResultStatus(ResultStatus.STATUS.BAD_REQUEST, "message"));
+
+    String actual = defaultEventCreator.createAuditEvent(request, result).getAuditMessage();
+    String expected = "User(testuser), RemoteIp(1.2.3.4), RequestType(POST), url(http://apache.org), ResultStatus(400 Bad Request), Reason(message)";
+    Assert.assertEquals(expected, actual);
+  }
+
+  @Test
+  public void defaultEventCreatorTest__okWithoutMessage() {
+    ResourceInstance resource = new QueryImpl(new HashMap<Resource.Type, String>(), new HostComponentResourceDefinition(), null);
+    Request request =  requestFactory.createRequest(null, new RequestBody(), new LocalUriInfo("http://apache.org"), Request.Type.POST, resource);
+    Result result = new ResultImpl(new ResultStatus(ResultStatus.STATUS.OK));
+
+    String actual = defaultEventCreator.createAuditEvent(request, result).getAuditMessage();
+    String expected = "User(testuser), RemoteIp(1.2.3.4), RequestType(POST), url(http://apache.org), ResultStatus(200 OK)";
+    Assert.assertEquals(expected, actual);
+  }
+
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/audit/request/PutHostComponentCreator.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/audit/request/PutHostComponentCreator.java b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/PutHostComponentCreator.java
new file mode 100644
index 0000000..4a95198
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/PutHostComponentCreator.java
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.audit.request;
+
+import java.util.Collections;
+import java.util.Set;
+
+import org.apache.ambari.server.api.services.Request;
+import org.apache.ambari.server.api.services.ResultStatus;
+import org.apache.ambari.server.controller.spi.Resource;
+
+public class PutHostComponentCreator extends AbstractBaseCreator {
+
+  @Override
+  public Set<Request.Type> getRequestTypes() {
+    return Collections.singleton(Request.Type.PUT);
+  }
+
+  @Override
+  public Set<Resource.Type> getResourceTypes() {
+    return Collections.singleton(Resource.Type.HostComponent);
+  }
+
+  @Override
+  public Set<ResultStatus.STATUS> getResultStatuses() {
+    return null;
+  }
+}

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLogModule.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLogModule.java b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLogModule.java
new file mode 100644
index 0000000..52ad44c
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLogModule.java
@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.audit.request;
+
+import org.apache.ambari.server.audit.AuditLogger;
+import org.apache.ambari.server.audit.AuditLoggerDefaultImpl;
+import org.easymock.EasyMock;
+
+import com.google.inject.AbstractModule;
+import com.google.inject.multibindings.Multibinder;
+
+public class RequestAuditLogModule extends AbstractModule {
+
+  @Override
+  protected void configure() {
+    Multibinder<RequestAuditEventCreator> auditLogEventCreatorBinder = Multibinder.newSetBinder(binder(), RequestAuditEventCreator.class);
+    auditLogEventCreatorBinder.addBinding().to(AllPostAndPutCreator.class);
+    auditLogEventCreatorBinder.addBinding().to(AllGetCreator.class);
+    auditLogEventCreatorBinder.addBinding().to(PutHostComponentCreator.class);
+
+    bind(AuditLogger.class).toInstance(EasyMock.createStrictMock(AuditLoggerDefaultImpl.class));
+    bind(RequestAuditLogger.class).to(RequestAuditLoggerImpl.class);
+  }
+}

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLoggerTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLoggerTest.java b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLoggerTest.java
new file mode 100644
index 0000000..580fd61
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLoggerTest.java
@@ -0,0 +1,153 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.audit.request;
+
+import junit.framework.Assert;
+
+import java.util.HashMap;
+
+import org.apache.ambari.server.api.query.QueryImpl;
+import org.apache.ambari.server.api.resources.BlueprintResourceDefinition;
+import org.apache.ambari.server.api.resources.HostComponentResourceDefinition;
+import org.apache.ambari.server.api.resources.ResourceDefinition;
+import org.apache.ambari.server.api.resources.ResourceInstance;
+import org.apache.ambari.server.api.services.LocalUriInfo;
+import org.apache.ambari.server.api.services.Request;
+import org.apache.ambari.server.api.services.RequestBody;
+import org.apache.ambari.server.api.services.RequestFactory;
+import org.apache.ambari.server.api.services.Result;
+import org.apache.ambari.server.api.services.ResultImpl;
+import org.apache.ambari.server.api.services.ResultStatus;
+import org.apache.ambari.server.audit.event.AuditEvent;
+import org.apache.ambari.server.audit.AuditLogger;
+import org.apache.ambari.server.controller.spi.Resource;
+import org.easymock.Capture;
+import org.easymock.EasyMock;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import com.google.inject.Guice;
+import com.google.inject.Injector;
+
+public class RequestAuditLoggerTest {
+
+  private static final String TEST_URI = "http://apache.org";
+  private static RequestAuditLogger requestAuditLogger;
+  private static AuditLogger mockAuditLogger;
+  private RequestFactory requestFactory = new RequestFactory();
+
+  @BeforeClass
+  public static void beforeClass() throws Exception {
+    Injector injector = Guice.createInjector(new RequestAuditLogModule());
+    requestAuditLogger = injector.getInstance(RequestAuditLogger.class);
+    mockAuditLogger = injector.getInstance(AuditLogger.class);
+  }
+
+  @Before
+  public void before() {
+    EasyMock.reset(mockAuditLogger);
+  }
+
+  @After
+  public void after() {
+    EasyMock.verify(mockAuditLogger);
+  }
+
+  @Test
+  public void defaultEventCreatorPostTest() {
+    testCreator(AllPostAndPutCreator.class, Request.Type.POST, new BlueprintResourceDefinition(), ResultStatus.STATUS.OK, null);
+  }
+
+  @Test
+  public void customEventCreatorPutTest() {
+    testCreator(PutHostComponentCreator.class, Request.Type.PUT, new HostComponentResourceDefinition(), ResultStatus.STATUS.OK, null);
+  }
+
+  @Test
+  public void noCreatorForRequestTypeTest() {
+    Request request = createRequest(new HostComponentResourceDefinition(), Request.Type.GET);
+    Result result = new ResultImpl(new ResultStatus(ResultStatus.STATUS.OK));
+
+    try {
+      createCapture();
+      requestAuditLogger.log(request, result);
+      EasyMock.verify(mockAuditLogger);
+      Assert.fail("Exception is excepted to be thrown");
+    } catch (AssertionError ae) {
+      EasyMock.reset(mockAuditLogger);
+      EasyMock.replay(mockAuditLogger);
+    }
+  }
+
+  @Test
+  public void noRequestTypeTest() {
+    Request request = createRequest(new BlueprintResourceDefinition(), Request.Type.DELETE);
+    Result result = new ResultImpl(new ResultStatus(ResultStatus.STATUS.OK));
+
+    try {
+      createCapture();
+      requestAuditLogger.log(request, result);
+      EasyMock.verify(mockAuditLogger);
+      Assert.fail("Exception is excepted to be thrown");
+    } catch (AssertionError ae) {
+      EasyMock.reset(mockAuditLogger);
+      EasyMock.replay(mockAuditLogger);
+    }
+  }
+
+
+
+  @Test
+  public void noGetCreatorForResourceTypeTest__defaultGetCreatorUsed() {
+    testCreator(AllGetCreator.class, Request.Type.GET, new HostComponentResourceDefinition(), ResultStatus.STATUS.ACCEPTED, null);
+  }
+
+  private void testCreator(Class<? extends AbstractBaseCreator> expectedCreatorClass, Request.Type requestType, ResourceDefinition resourceDefinition, ResultStatus.STATUS resultStatus, String resultStatusMessage) {
+    Request request = createRequest(resourceDefinition, requestType);
+    Result result = new ResultImpl(new ResultStatus(resultStatus, resultStatusMessage));
+
+    Capture<AuditEvent> capture = createCapture();
+    requestAuditLogger.log(request, result);
+
+    String expectedMessage = createExpectedMessage(expectedCreatorClass, requestType, resultStatus, resultStatusMessage);
+
+    Assert.assertEquals(expectedMessage, capture.getValue().getAuditMessage());
+  }
+
+  private Capture<AuditEvent> createCapture() {
+    EasyMock.expect(mockAuditLogger.isEnabled()).andReturn(true).anyTimes();
+    Capture<AuditEvent> capture = EasyMock.newCapture();
+    mockAuditLogger.log(EasyMock.capture(capture));
+    EasyMock.expectLastCall();
+    EasyMock.replay(mockAuditLogger);
+    return capture;
+  }
+
+  private Request createRequest(ResourceDefinition resourceDefinition, Request.Type requestType) {
+    ResourceInstance resource = new QueryImpl(new HashMap<Resource.Type, String>(), resourceDefinition, null);
+    return requestFactory.createRequest(null, new RequestBody(), new LocalUriInfo(TEST_URI), requestType, resource);
+  }
+
+  private String createExpectedMessage(Class<? extends AbstractBaseCreator> expectedCreatorClass, Request.Type requestType, ResultStatus.STATUS resultStatus, String resultStatusMessage) {
+    return expectedCreatorClass.getName() + " " + String.format("%s %s %s %s %s", requestType, TEST_URI, resultStatus.getStatus(), resultStatus, resultStatusMessage);
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/checks/UpgradeCheckOrderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/checks/UpgradeCheckOrderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/checks/UpgradeCheckOrderTest.java
index d4ff566..687d263 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/checks/UpgradeCheckOrderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/checks/UpgradeCheckOrderTest.java
@@ -22,6 +22,7 @@ import java.util.List;
 import java.util.Properties;
 import java.util.Set;
 
+import org.apache.ambari.server.audit.AuditLoggerModule;
 import org.apache.ambari.server.configuration.Configuration;
 import org.apache.ambari.server.controller.ControllerModule;
 import org.junit.Assert;
@@ -53,7 +54,7 @@ public class UpgradeCheckOrderTest {
     properties.setProperty(Configuration.OS_VERSION_KEY, "centos6");
     properties.setProperty(Configuration.SHARED_RESOURCES_DIR_KEY, sourceResourceDirectory);
 
-    Injector injector = Guice.createInjector(new ControllerModule(properties));
+    Injector injector = Guice.createInjector(new ControllerModule(properties), new AuditLoggerModule());
     UpgradeCheckRegistry registry = injector.getInstance(UpgradeCheckRegistry.class);
     UpgradeCheckRegistry registry2 = injector.getInstance(UpgradeCheckRegistry.class);
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerTest.java
index ca062c0..af51baf 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerTest.java
@@ -72,6 +72,7 @@ import org.apache.ambari.server.actionmanager.StageFactory;
 import org.apache.ambari.server.actionmanager.TargetHostType;
 import org.apache.ambari.server.agent.ExecutionCommand;
 import org.apache.ambari.server.api.services.AmbariMetaInfo;
+import org.apache.ambari.server.audit.AuditLoggerModule;
 import org.apache.ambari.server.configuration.Configuration;
 import org.apache.ambari.server.controller.internal.ComponentResourceProviderTest;
 import org.apache.ambari.server.controller.internal.HostComponentResourceProviderTest;
@@ -8841,7 +8842,7 @@ public class AmbariManagementControllerTest {
 
   @Test
   public void testApplyConfigurationWithTheSameTag() throws AuthorizationException {
-    Injector injector = Guice.createInjector(new AbstractModule() {
+    Injector injector = Guice.createInjector(new AuditLoggerModule(), new AbstractModule() {
       @Override
       protected void configure() {
         Properties properties = new Properties();
@@ -8913,7 +8914,7 @@ public class AmbariManagementControllerTest {
   @Test
   public void testDeleteClusterCreateHost() throws Exception {
 
-    Injector injector = Guice.createInjector(new AbstractModule() {
+    Injector injector = Guice.createInjector(new AuditLoggerModule(), new AbstractModule() {
       @Override
       protected void configure() {
         Properties properties = new Properties();
@@ -9024,7 +9025,7 @@ public class AmbariManagementControllerTest {
   @Ignore
   public void testDisableAndDeleteStates() throws Exception {
     Map<String,String> mapRequestProps = new HashMap<String, String>();
-    Injector injector = Guice.createInjector(new AbstractModule() {
+    Injector injector = Guice.createInjector(new AuditLoggerModule(), new AbstractModule() {
       @Override
       protected void configure() {
         Properties properties = new Properties();
@@ -9362,7 +9363,7 @@ public class AmbariManagementControllerTest {
     final String YARN_SERVICE_CHECK_ROLE = "YARN_SERVICE_CHECK";
 
     Map<String,String> mapRequestProps = Collections.emptyMap();
-    Injector injector = Guice.createInjector(new AbstractModule() {
+    Injector injector = Guice.createInjector(new AuditLoggerModule(), new AbstractModule() {
       @Override
       protected void configure() {
         Properties properties = new Properties();

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java
index 0378a02..e8a2e35 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java
@@ -33,6 +33,7 @@ import org.apache.ambari.server.api.services.AmbariMetaInfo;
 import org.apache.ambari.server.api.services.stackadvisor.StackAdvisorHelper;
 import org.apache.ambari.server.api.services.stackadvisor.StackAdvisorRequest;
 import org.apache.ambari.server.api.services.stackadvisor.recommendations.RecommendationResponse;
+import org.apache.ambari.server.audit.AuditLogger;
 import org.apache.ambari.server.controller.internal.ArtifactResourceProvider;
 import org.apache.ambari.server.controller.internal.RequestStageContainer;
 import org.apache.ambari.server.controller.spi.ClusterController;
@@ -217,6 +218,7 @@ public class KerberosHelperTest extends EasyMockSupport {
         bind(CreateKeytabFilesServerAction.class).toInstance(createMock(CreateKeytabFilesServerAction.class));
         bind(StackAdvisorHelper.class).toInstance(createMock(StackAdvisorHelper.class));
         bind(HostRoleCommandDAO.class).toInstance(createNiceMock(HostRoleCommandDAO.class));
+        bind(AuditLogger.class).toInstance(createNiceMock(AuditLogger.class));
       }
     });
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/notifications/DispatchFactoryTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/notifications/DispatchFactoryTest.java b/ambari-server/src/test/java/org/apache/ambari/server/notifications/DispatchFactoryTest.java
index 6834d5c..f136f31 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/notifications/DispatchFactoryTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/notifications/DispatchFactoryTest.java
@@ -20,6 +20,7 @@ package org.apache.ambari.server.notifications;
 import java.io.File;
 import java.util.Properties;
 
+import org.apache.ambari.server.audit.AuditLoggerModule;
 import org.apache.ambari.server.configuration.Configuration;
 import org.apache.ambari.server.controller.ControllerModule;
 import org.apache.ambari.server.notifications.dispatchers.EmailDispatcher;
@@ -52,7 +53,7 @@ public class DispatchFactoryTest {
     properties.setProperty(Configuration.OS_VERSION_KEY, "centos6");
     properties.setProperty(Configuration.SHARED_RESOURCES_DIR_KEY,sourceResourceDirectory);
 
-    Injector injector = Guice.createInjector(new ControllerModule(properties));
+    Injector injector = Guice.createInjector(new AuditLoggerModule(), new ControllerModule(properties));
     DispatchFactory dispatchFactory = injector.getInstance(DispatchFactory.class);
     DispatchFactory dispatchFactory2 = injector.getInstance(DispatchFactory.class);
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/orm/InMemoryDefaultTestModule.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/orm/InMemoryDefaultTestModule.java b/ambari-server/src/test/java/org/apache/ambari/server/orm/InMemoryDefaultTestModule.java
index 3ecfe14..b1336de 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/orm/InMemoryDefaultTestModule.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/orm/InMemoryDefaultTestModule.java
@@ -24,8 +24,11 @@ import java.util.Properties;
 import java.util.Set;
 import java.util.concurrent.atomic.AtomicReference;
 
+import org.apache.ambari.server.audit.AuditLogger;
+import org.apache.ambari.server.audit.AuditLoggerDefaultImpl;
 import org.apache.ambari.server.configuration.Configuration;
 import org.apache.ambari.server.controller.ControllerModule;
+import org.easymock.EasyMock;
 import org.springframework.beans.factory.config.BeanDefinition;
 
 import com.google.inject.AbstractModule;
@@ -77,6 +80,7 @@ public class InMemoryDefaultTestModule extends AbstractModule {
 
     try {
       install(new BeanDefinitionsCachingTestControllerModule(properties));
+      bind(AuditLogger.class).toInstance(EasyMock.createNiceMock(AuditLoggerDefaultImpl.class));
     } catch (Exception e) {
       throw new RuntimeException(e);
     }

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/orm/JdbcPropertyTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/orm/JdbcPropertyTest.java b/ambari-server/src/test/java/org/apache/ambari/server/orm/JdbcPropertyTest.java
index c07382b..1fac11b 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/orm/JdbcPropertyTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/orm/JdbcPropertyTest.java
@@ -20,6 +20,8 @@ package org.apache.ambari.server.orm;
 import java.util.Properties;
 
 import com.google.inject.persist.PersistService;
+
+import org.apache.ambari.server.audit.AuditLoggerModule;
 import org.apache.ambari.server.configuration.Configuration;
 import org.apache.ambari.server.controller.ControllerModule;
 import org.apache.ambari.server.state.Clusters;
@@ -52,7 +54,7 @@ public class JdbcPropertyTest {
 
   @Test
   public void testNormal() throws Exception {
-    injector = Guice.createInjector(new ControllerModule(properties));
+    injector = Guice.createInjector(new AuditLoggerModule(), new ControllerModule(properties));
     injector.getInstance(GuiceJpaInitializer.class);
 
     injector.getInstance(Clusters.class);
@@ -61,7 +63,7 @@ public class JdbcPropertyTest {
   @Test
   public void testJdbcProperty() throws Exception {
     properties.setProperty(Configuration.SERVER_JDBC_PROPERTIES_PREFIX + "shutdown", "true");
-    injector = Guice.createInjector(new ControllerModule(properties));
+    injector = Guice.createInjector(new AuditLoggerModule(), new ControllerModule(properties));
     injector.getInstance(GuiceJpaInitializer.class);
     try {
       injector.getInstance(Clusters.class);

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/security/authentication/AmbariAuthenticationFilterTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authentication/AmbariAuthenticationFilterTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authentication/AmbariAuthenticationFilterTest.java
new file mode 100644
index 0000000..13636b1
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authentication/AmbariAuthenticationFilterTest.java
@@ -0,0 +1,135 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.security.authentication;
+
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.apache.ambari.server.audit.event.AuditEvent;
+import org.apache.ambari.server.audit.AuditLogger;
+import org.apache.ambari.server.security.AmbariEntryPoint;
+import org.apache.ambari.server.security.authorization.AuthorizationHelper;
+import org.apache.ambari.server.security.authorization.PermissionHelper;
+import org.junit.runner.RunWith;
+import org.powermock.api.easymock.PowerMock;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.powermock.modules.junit4.PowerMockRunner;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.junit.Before;
+import org.junit.Test;
+
+import static org.easymock.EasyMock.anyObject;
+import static org.easymock.EasyMock.createMock;
+import static org.easymock.EasyMock.expect;
+import static org.easymock.EasyMock.expectLastCall;
+import static org.easymock.EasyMock.replay;
+import static org.easymock.EasyMock.verify;
+import org.springframework.security.crypto.codec.Base64;
+
+@RunWith(PowerMockRunner.class)
+@PrepareForTest(AuthorizationHelper.class)
+public class AmbariAuthenticationFilterTest {
+
+  private AmbariAuthenticationFilter underTest;
+
+  private AuditLogger mockedAuditLogger;
+
+  private PermissionHelper permissionHelper;
+
+  private AmbariEntryPoint entryPoint;
+
+  @Before
+  public void setUp() {
+    mockedAuditLogger = createMock(AuditLogger.class);
+    permissionHelper = createMock(PermissionHelper.class);
+    entryPoint = createMock(AmbariEntryPoint.class);
+    underTest = new AmbariAuthenticationFilter(null, mockedAuditLogger, permissionHelper, entryPoint);
+    replay(entryPoint);
+  }
+
+  @Test
+  public void testDoFilter() throws IOException, ServletException {
+    // GIVEN
+    HttpServletRequest request = createMock(HttpServletRequest.class);
+    HttpServletResponse response = createMock(HttpServletResponse.class);
+    FilterChain filterChain = createMock(FilterChain.class);
+    expect(request.getHeader("Authorization")).andReturn("header").andReturn(null);
+    expect(request.getHeader("X-Forwarded-For")).andReturn("1.2.3.4");
+    mockedAuditLogger.log(anyObject(AuditEvent.class));
+    expectLastCall().times(1);
+    filterChain.doFilter(request, response);
+    expectLastCall();
+    replay(mockedAuditLogger, request, filterChain);
+    // WHEN
+    underTest.doFilter(request, response, filterChain);
+    // THEN
+    verify(mockedAuditLogger, request, filterChain);
+  }
+
+  @Test
+  public void testOnSuccessfulAuthentication() throws IOException, ServletException {
+    // GIVEN
+    HttpServletRequest request = createMock(HttpServletRequest.class);
+    HttpServletResponse response = createMock(HttpServletResponse.class);
+    Authentication authentication = createMock(Authentication.class);
+    PowerMock.mockStatic(AuthorizationHelper.class);
+
+    Map<String, List<String>> roles = new HashMap<>();
+    roles.put("a", Arrays.asList("r1", "r2", "r3"));
+    expect(permissionHelper.getPermissionLabels(authentication))
+      .andReturn(roles);
+    expect(AuthorizationHelper.getAuthorizationNames(authentication))
+      .andReturn(Arrays.asList("perm1", "perm2"));
+    expect(request.getHeader("X-Forwarded-For")).andReturn("1.2.3.4");
+    expect(authentication.getName()).andReturn("admin");
+    mockedAuditLogger.log(anyObject(AuditEvent.class));
+    expectLastCall().times(1);
+    replay(mockedAuditLogger, request, authentication, permissionHelper);
+    PowerMock.replayAll();
+    // WHEN
+    underTest.onSuccessfulAuthentication(request, response, authentication);
+    // THEN
+    verify(mockedAuditLogger, request);
+  }
+
+  @Test
+  public void testOnUnsuccessfulAuthentication() throws IOException, ServletException {
+    // GIVEN
+    HttpServletRequest request = createMock(HttpServletRequest.class);
+    HttpServletResponse response = createMock(HttpServletResponse.class);
+    AuthenticationException authEx = createMock(AuthenticationException.class);
+    expect(request.getHeader("X-Forwarded-For")).andReturn("1.2.3.4");
+    expect(request.getHeader("Authorization")).andReturn(
+      "Basic " + new String(Base64.encode("admin:admin".getBytes("UTF-8"))));
+    mockedAuditLogger.log(anyObject(AuditEvent.class));
+    expectLastCall().times(1);
+    replay(mockedAuditLogger, request, authEx);
+    // WHEN
+    underTest.onUnsuccessfulAuthentication(request, response, authEx);
+    // THEN
+    verify(mockedAuditLogger, request, authEx);
+  }
+}

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java
index 9db3904..3dd6b0a 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java
@@ -25,6 +25,8 @@ import com.google.inject.AbstractModule;
 import com.google.inject.Guice;
 import com.google.inject.Injector;
 import junit.framework.Assert;
+
+import org.apache.ambari.server.audit.AuditLogger;
 import org.apache.ambari.server.configuration.Configuration;
 import org.apache.ambari.server.orm.DBAccessor;
 import org.apache.ambari.server.orm.dao.UserDAO;
@@ -278,6 +280,7 @@ public class AmbariAuthorizationFilterTest {
         bind(DBAccessor.class).toInstance(EasyMock.createMock(DBAccessor.class));
         bind(PasswordEncoder.class).toInstance(EasyMock.createMock(PasswordEncoder.class));
         bind(OsFamily.class).toInstance(EasyMock.createMock(OsFamily.class));
+        bind(AuditLogger.class).toInstance(EasyMock.createNiceMock(AuditLogger.class));
       }
     });
 
@@ -302,6 +305,7 @@ public class AmbariAuthorizationFilterTest {
     final FilterConfig filterConfig = createNiceMock(FilterConfig.class);
     final AmbariAuthorizationFilter filter = createMockBuilder(AmbariAuthorizationFilter.class)
         .addMockedMethod("getSecurityContext").addMockedMethod("getViewRegistry").withConstructor().createMock();
+    injectMembers(filter);
     final ViewRegistry viewRegistry = createNiceMock(ViewRegistry.class);
 
     expect(filterConfig.getInitParameter("realm")).andReturn("AuthFilter").anyTimes();
@@ -355,4 +359,24 @@ public class AmbariAuthorizationFilterTest {
       }
     }
   }
+
+  private void injectMembers(AmbariAuthorizationFilter filter) {
+    final Configuration configuration = EasyMock.createMock(Configuration.class);
+    expect(configuration.getDefaultApiAuthenticatedUser()).andReturn(null).anyTimes();
+    Injector injector = Guice.createInjector(new AbstractModule() {
+      @Override
+      protected void configure() {
+        bind(Configuration.class).toInstance(configuration);
+        bind(Users.class).toInstance(EasyMock.createMock(Users.class));
+        bind(EntityManager.class).toInstance(EasyMock.createMock(EntityManager.class));
+        bind(UserDAO.class).toInstance(EasyMock.createMock(UserDAO.class));
+        bind(DBAccessor.class).toInstance(EasyMock.createMock(DBAccessor.class));
+        bind(PasswordEncoder.class).toInstance(EasyMock.createMock(PasswordEncoder.class));
+        bind(OsFamily.class).toInstance(EasyMock.createMock(OsFamily.class));
+        bind(AuditLogger.class).toInstance(EasyMock.createNiceMock(AuditLogger.class));
+      }
+    });
+    injector.injectMembers(filter);
+    replay(configuration);
+  }
 }

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderForDNWithSpaceTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderForDNWithSpaceTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderForDNWithSpaceTest.java
index da8d9bc..6534705 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderForDNWithSpaceTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderForDNWithSpaceTest.java
@@ -21,6 +21,8 @@ import com.google.inject.Guice;
 import com.google.inject.Inject;
 import com.google.inject.Injector;
 import com.google.inject.persist.PersistService;
+
+import org.apache.ambari.server.audit.AuditLoggerModule;
 import org.apache.ambari.server.configuration.Configuration;
 import org.apache.ambari.server.orm.GuiceJpaInitializer;
 import org.apache.ambari.server.orm.dao.UserDAO;
@@ -74,7 +76,7 @@ public class AmbariLdapAuthenticationProviderForDNWithSpaceTest extends AmbariLd
 
   @Before
   public void setUp() {
-    injector = Guice.createInjector(new AuthorizationTestModuleForLdapDNWithSpace());
+    injector = Guice.createInjector(new AuditLoggerModule(), new AuthorizationTestModuleForLdapDNWithSpace());
     injector.injectMembers(this);
     injector.getInstance(GuiceJpaInitializer.class);
     configuration.setClientSecurityType(ClientSecurityType.LDAP);

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderTest.java
index b26494c..b076e85 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderTest.java
@@ -23,6 +23,8 @@ import junit.framework.Assert;
 import com.google.inject.Guice;
 import com.google.inject.Inject;
 import com.google.inject.Injector;
+
+import org.apache.ambari.server.audit.AuditLoggerModule;
 import org.apache.ambari.server.configuration.Configuration;
 import org.apache.ambari.server.orm.GuiceJpaInitializer;
 import org.apache.ambari.server.orm.dao.UserDAO;
@@ -88,7 +90,7 @@ public class AmbariLdapAuthenticationProviderTest extends AmbariLdapAuthenticati
 
   @Before
   public void setUp() {
-    injector = Guice.createInjector(new AuthorizationTestModule());
+    injector = Guice.createInjector(new AuditLoggerModule(), new AuthorizationTestModule());
     injector.injectMembers(this);
     injector.getInstance(GuiceJpaInitializer.class);
     configuration.setClientSecurityType(ClientSecurityType.LDAP);

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserDetailsServiceTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserDetailsServiceTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserDetailsServiceTest.java
index c410f5b..b77f4bc 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserDetailsServiceTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserDetailsServiceTest.java
@@ -20,6 +20,8 @@ package org.apache.ambari.server.security.authorization;
 import com.google.inject.Guice;
 import com.google.inject.Inject;
 import com.google.inject.Injector;
+
+import org.apache.ambari.server.audit.AuditLoggerModule;
 import org.apache.ambari.server.orm.GuiceJpaInitializer;
 import org.apache.ambari.server.orm.OrmTestHelper;
 import org.apache.ambari.server.orm.dao.UserDAO;
@@ -47,7 +49,7 @@ public class AmbariLocalUserDetailsServiceTest {
 
   @BeforeClass
   public static void prepareData() {
-    injector = Guice.createInjector(new AuthorizationTestModule());
+    injector = Guice.createInjector(new AuditLoggerModule(), new AuthorizationTestModule());
     injector.getInstance(GuiceJpaInitializer.class);
     injector.getInstance(OrmTestHelper.class).createTestUsers();
   }

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/LdapServerPropertiesTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/LdapServerPropertiesTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/LdapServerPropertiesTest.java
index bfb7a90..072905a 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/LdapServerPropertiesTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/LdapServerPropertiesTest.java
@@ -20,6 +20,8 @@ package org.apache.ambari.server.security.authorization;
 import com.google.inject.Guice;
 import com.google.inject.Inject;
 import com.google.inject.Injector;
+
+import org.apache.ambari.server.audit.AuditLoggerModule;
 import org.apache.ambari.server.configuration.Configuration;
 import org.junit.Before;
 import org.junit.Test;
@@ -43,7 +45,7 @@ public class LdapServerPropertiesTest {
   Configuration configuration;
 
   public LdapServerPropertiesTest() {
-    injector = Guice.createInjector(new AuthorizationTestModule());
+    injector = Guice.createInjector(new AuditLoggerModule(), new AuthorizationTestModule());
     injector.injectMembers(this);
   }
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerActionTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerActionTest.java b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerActionTest.java
index ce97f25..ac6a154 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerActionTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerActionTest.java
@@ -29,6 +29,7 @@ import org.apache.ambari.server.actionmanager.HostRoleCommand;
 import org.apache.ambari.server.actionmanager.HostRoleStatus;
 import org.apache.ambari.server.agent.CommandReport;
 import org.apache.ambari.server.agent.ExecutionCommand;
+import org.apache.ambari.server.audit.AuditLogger;
 import org.apache.ambari.server.controller.KerberosHelper;
 import org.apache.ambari.server.security.credential.PrincipalKeyCredential;
 import org.apache.ambari.server.state.Cluster;
@@ -99,6 +100,7 @@ public class KerberosServerActionTest {
 
         bind(Clusters.class).toInstance(clusters);
         bind(OsFamily.class).toInstance(createNiceMock(OsFamily.class));
+        bind(AuditLogger.class).toInstance(createNiceMock(AuditLogger.class));
       }
     });
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/UpdateKerberosConfigsServerActionTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/UpdateKerberosConfigsServerActionTest.java b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/UpdateKerberosConfigsServerActionTest.java
index d6f9efe..5143ea6 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/UpdateKerberosConfigsServerActionTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/UpdateKerberosConfigsServerActionTest.java
@@ -22,6 +22,7 @@ import com.google.inject.AbstractModule;
 import com.google.inject.Guice;
 import com.google.inject.Injector;
 import org.apache.ambari.server.agent.ExecutionCommand;
+import org.apache.ambari.server.audit.AuditLogger;
 import org.apache.ambari.server.controller.AmbariManagementController;
 import org.apache.ambari.server.state.Cluster;
 import org.apache.ambari.server.state.Clusters;
@@ -64,6 +65,7 @@ public class UpdateKerberosConfigsServerActionTest extends EasyMockSupport{
       protected void configure() {
         bind(AmbariManagementController.class).toInstance(controller);
         bind(ConfigHelper.class).toInstance(createNiceMock(ConfigHelper.class));
+        bind(AuditLogger.class).toInstance(createNiceMock(AuditLogger.class));
       }
     });
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/46a34ccd/ambari-server/src/test/java/org/apache/ambari/server/utils/RequestUtilsTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/utils/RequestUtilsTest.java b/ambari-server/src/test/java/org/apache/ambari/server/utils/RequestUtilsTest.java
new file mode 100644
index 0000000..595127e
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/utils/RequestUtilsTest.java
@@ -0,0 +1,77 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.utils;
+
+import static org.easymock.EasyMock.anyString;
+import static org.easymock.EasyMock.createMock;
+import static org.easymock.EasyMock.expect;
+import static org.easymock.EasyMock.replay;
+import static org.easymock.EasyMock.verify;
+import static org.junit.Assert.assertEquals;
+
+import javax.servlet.http.HttpServletRequest;
+import org.junit.Test;
+
+public class RequestUtilsTest {
+
+  public static final String REMOTE_ADDRESS = "12.13.14.15";
+
+  @Test
+  public void testGetRemoteAddress() {
+    // GIVEN
+    HttpServletRequest mockedRequest = createMock(HttpServletRequest.class);
+    expect(mockedRequest.getHeader("X-Forwarded-For")).andReturn(null);
+    expect(mockedRequest.getHeader("Proxy-Client-IP")).andReturn("unknown");
+    expect(mockedRequest.getHeader("WL-Proxy-Client-IP")).andReturn("");
+    expect(mockedRequest.getHeader("HTTP_CLIENT_IP")).andReturn("unknown");
+    expect(mockedRequest.getHeader("HTTP_X_FORWARDED_FOR")).andReturn(REMOTE_ADDRESS);
+    replay(mockedRequest);
+    // WHEN
+    String remoteAddress = RequestUtils.getRemoteAddress(mockedRequest);
+    // THEN
+    assertEquals(REMOTE_ADDRESS, remoteAddress);
+    verify(mockedRequest);
+  }
+
+  @Test
+  public void testGetRemoteAddressFoundFirstHeader() {
+    // GIVEN
+    HttpServletRequest mockedRequest = createMock(HttpServletRequest.class);
+    expect(mockedRequest.getHeader("X-Forwarded-For")).andReturn(REMOTE_ADDRESS);
+    replay(mockedRequest);
+    // WHEN
+    String remoteAddress = RequestUtils.getRemoteAddress(mockedRequest);
+    // THEN
+    assertEquals(REMOTE_ADDRESS, remoteAddress);
+    verify(mockedRequest);
+  }
+
+  @Test
+  public void testGetRemoteAddressWhenHeadersAreMissing() {
+    // GIVEN
+    HttpServletRequest mockedRequest = createMock(HttpServletRequest.class);
+    expect(mockedRequest.getHeader(anyString())).andReturn(null).times(5);
+    expect(mockedRequest.getRemoteAddr()).andReturn(REMOTE_ADDRESS);
+    replay(mockedRequest);
+    // WHEN
+    String remoteAddress = RequestUtils.getRemoteAddress(mockedRequest);
+    // THEN
+    assertEquals(REMOTE_ADDRESS, remoteAddress);
+    verify(mockedRequest);
+  }
+}


Mime
View raw message