Security-Checks
Es ist möglich, eigene Security-Checks für das Security-Cockpit zu erstellen. Dafür muss ein BPC Backend Modul erstellt werden, dass den entsprechenden Service implementiert.
Beispiel Implementierung
package de.virtimo.bpc.module.demo.security.check;
import de.virtimo.bpc.api.security.*;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.osgi.service.component.annotations.*;
import java.util.List;
import java.util.Map;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ThreadLocalRandom;
import java.util.concurrent.TimeUnit;
@Component(
immediate = true,
service = Check.class,
property = {"checkIdentifier=" + DemoCheck.IDENTIFIER}
)
public class DemoCheck extends AbstractCheck {
private static final Logger LOGGER = LogManager.getLogger(DemoCheck.class);
public static final String IDENTIFIER = "DemoCheck";
public static final String CHECK_DESCRIPTION = "This is a demo implementation.";
@Reference(cardinality = ReferenceCardinality.MANDATORY)
CheckResultStorageService checkResultStorageService;
private ScheduledExecutorService executorService;
@Activate
public void start(Map<String, Object> properties) {
LOGGER.info("DemoCheck activated");
executorService = Executors.newSingleThreadScheduledExecutor();
executorService.scheduleWithFixedDelay(this::runCheck, 0, 60, TimeUnit.SECONDS);
}
@Deactivate
public void stop() {
LOGGER.info("DemoCheck deactivated");
executorService.shutdownNow();
}
@Override
public String getDescription() {
return CHECK_DESCRIPTION;
}
@Override
public String getIdentifier() {
return IDENTIFIER;
}
private void runCheck() {
CheckResult checkResult = new CheckResultBuilder()
.withCheckId(this.getIdentifier())
.withPoints(ThreadLocalRandom.current().nextInt(0, 2))
.withTags(List.of("demo","test-only","ignore-this-check"))
.withDetailMessage(CHECK_DESCRIPTION)
.build();
// add check result
checkResultStorageService.storeCheckResult(checkResult);
}
}