/// <summary> /// Generates a "User Authentication" login event in the audit log, according to DICOM Supplement 95, /// and a "Security Alert" event if the operation failed. /// </summary> /// <param name="username">The username or asserted username of the account that was logged in.</param> /// <param name="authenticationServer">The authentication server against which the operation was performed.</param> /// <param name="eventResult">The result of the operation.</param> public static void LogLogin(string username, EventSource authenticationServer, EventResult eventResult) { if (!AuditingEnabled) { return; } try { var currentProcess = EventSource.GetUserEventSource(LocalHostname); // record that the current process is the one that identified the authentication event var auditHelper = new UserAuthenticationAuditHelper(currentProcess, eventResult, UserAuthenticationEventType.Login); auditHelper.AddUserParticipant(new AuditPersonActiveParticipant(username, string.Empty, username)); if (authenticationServer != null) { auditHelper.AddNode(authenticationServer); } Log(auditHelper); if (eventResult != EventResult.Success) { var alertAuditHelper = new SecurityAlertAuditHelper(currentProcess, eventResult, SecurityAlertEventTypeCodeEnum.NodeAuthentication); alertAuditHelper.AddReportingUser(currentProcess); alertAuditHelper.AddActiveParticipant(new AuditPersonActiveParticipant(username, string.Empty, username)); Log(alertAuditHelper); } } catch (Exception ex) { Platform.Log(LogLevel.Warn, ex, _messageAuditFailed); } }
/// <summary> /// Generates a "User Authentication" logout event in the audit log, according to DICOM Supplement 95. /// </summary> /// <param name="username">The username or asserted username of the account that was logged out.</param> /// <param name="authenticationServer">The authentication server against which the operation was performed.</param> /// <param name="eventResult">The result of the operation.</param> /// <param name="sessionId">The ID of the session that is being logged out.</param> public static void LogLogout(string username, string sessionId, EventSource authenticationServer, EventResult eventResult) { if (!AuditingEnabled) return; try { var currentProcess = EventSource.GetUserEventSource(LocalHostname); // record that the current process is the one that identified the authentication event var auditHelper = new UserAuthenticationAuditHelper(currentProcess, eventResult, UserAuthenticationEventType.Logout); auditHelper.AddUserParticipant(new AuditPersonActiveParticipant(username, string.Empty, username)); if (authenticationServer != null) auditHelper.AddNode(authenticationServer); Log(auditHelper, username, sessionId); } catch (Exception ex) { Platform.Log(LogLevel.Warn, ex, _messageAuditFailed); } }