Our Work

Liferay Audit

Posted 1 year, 6 months and 2 days ago

Auditing plays more important role when our portal contains very sensitive content. We got a requirement to collect information about user navigation and accessing content with in the portal. Liferay doesn’t have Audit process for community edition. So we verified lot of ways to store Audit information to external resource (we used Elastic Search Index to store Audit Information).

Requirement is to store information about User access of content with in the portal. During access or download a resource, Liferay should collect the information and store in the external source such as CSV file or any repo such as Elastic Search. Below information need to store in external resource:

  • Resource Title – Liferay Asset title such as Document Title.
  • Resource Type – Liferay Asset such as Document, Wiki, Blog etc…
  • User/Screen Name – Portal User Name access by a certain resource.
  • Role – Role Name(s) of the Portal assigned to Portal User.
  • Team – Team Name(s) of the Site/Community assigned to Portal User.
  • Time Stamp – Resource access Time.

For collecting Audit information we used Filters; when we extend Liferay functionality using Hook, Liferay IDE provides environment to create Filter. Liferay mostly uses URL patterns during asset view or download. So when user request to view a Liferay asset then Hook will collect the URL; inside the URL we can find which asset user is trying to see this information we can use it store in external place such as CSV or ES index etc…

 

           Above URL pattern specified document view, where URL contains document ID (fileEntryId) and other mode of the asset (view). Similarly Liferay generates URL for remaining asset access. Lifery Hook filter will catch the URL when it contains keywords we specified in Filter. Find below example of filter to collect information of a document view by a Portal User.

             Above snippet describes about url-pattern, if servlet receives above format request then ResourceURLFilter class will process the request to store information about document view. Similarly we can process other Liferay assets such as Blogs, Wiki, Pages, and Bookmarks etc…

<servlet-filter-mapping>
<servlet-filter-name>ResourceAccessFilter</servlet-filter-name>
<before-filter>URL Rewrite Filter</before-filter>
<url-pattern>/group/space/program-wiki/-/wiki/SPACE+Programs/*</url-pattern>
<url-pattern>/group/space/*</url-pattern>
<url-pattern>/group/space/whats_new/-/blogs/*</url-pattern>
<url-pattern>/c/document_library/get_file/*</url-pattern>
<url-pattern>/documents/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>FORWARD</dispatcher>
</servlet-filter-mapping>

 

Related Posts