Package com.cedarsoftware.io

Class SecurityAuditLogger

java.lang.Object

com.cedarsoftware.io.SecurityAuditLogger

public class SecurityAuditLogger
extends Object

Comprehensive security audit logging for json-io operations. Tracks security events, suspicious patterns, and performance metrics for security monitoring and incident response.

Author:

Claude Code AI Assistant
Copyright (c) Cedar Software LLC

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

License

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	SecurityAuditLogger.SecurityAuditSummary	Security audit summary data
static enum	SecurityAuditLogger.SecurityEvent	Security event types

Method Summary

Modifier and Type	Method	Description
SecurityAuditLogger.SecurityAuditSummary	getAuditSummary()	Get security audit summary
static SecurityAuditLogger	getInstance()
void	logClassLoadingSecurity(String className, boolean allowed, String reason)	Log class loading security events
void	logOperation(String operation, long durationMs, int inputSize, boolean success, String error)	Log a JSON operation with timing and security context
void	logReflectionSecurity(String operation, String target, boolean allowed, String reason)	Log reflection security events
void	logSecurityLimitViolation(String limitType, long attemptedValue, long maxValue, String context)	Log security limit violations
void	logSuspiciousPattern(String pattern, String context, String input)	Log suspicious patterns detected in JSON input
void	resetCounters()	Reset all security counters
void	setAuditEnabled(boolean enabled)	Enable or disable security audit logging
void	setPerformanceThreshold(long thresholdMs)	Set performance anomaly threshold in milliseconds

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

getInstance

public static SecurityAuditLogger getInstance()

setAuditEnabled

public void setAuditEnabled(boolean enabled)

Enable or disable security audit logging

setPerformanceThreshold

public void setPerformanceThreshold(long thresholdMs)

Set performance anomaly threshold in milliseconds

logOperation

public void logOperation(String operation,
 long durationMs,
 int inputSize,
 boolean success,
 String error)

Log a JSON operation with timing and security context

logSecurityLimitViolation

public void logSecurityLimitViolation(String limitType,
 long attemptedValue,
 long maxValue,
 String context)

Log security limit violations

logSuspiciousPattern

public void logSuspiciousPattern(String pattern,
 String context,
 String input)

Log suspicious patterns detected in JSON input

logClassLoadingSecurity

public void logClassLoadingSecurity(String className,
 boolean allowed,
 String reason)

Log class loading security events

logReflectionSecurity

public void logReflectionSecurity(String operation,
 String target,
 boolean allowed,
 String reason)

Log reflection security events

getAuditSummary

public SecurityAuditLogger.SecurityAuditSummary getAuditSummary()

Get security audit summary

resetCounters

public void resetCounters()

Reset all security counters