iPlanet Trustbase Transaction Manager 3.0.1 Beta Developer Guide
Chapter 7 Identrus logging
The Identrus Transaction Coordinator specifications identify two specific logging actions, these being:
Logging of all messages sent and received by the Transaction Coordinator (Raw logging)
Overview
The iPlanet Trustbase Transaction Manager fulfils both of these requirements as a default action of processing an Identrus message. The data is stored within the RDBMS specified at installation time, and the tables are available for developers via standard JDBC to provide services that use this information. The following sections define the tables stored in the RDBMS and identify the relationships between each table. The iPlanet Trustbase Transaction Manager will utilise all of the tables described below for all Identrus messages; there should be no requirement for a developer to write to any of these tables.
Connection information
The tables below provide the column definitions for the SMTP/SMIME connection logs. Data in Table 7-1 is extracted from the SMIME v2 signature body part on the message.
Table 7-1    SMIME Transport
smime_transport table
Provides a link back to the smtp_message table
The issuer_dn of the certificate that was used to verify the message
The serial number of the certificate used to verify the message.
Table 7-2    SMTP Connection
smtp_connection table
Provides a link back to the smtp_message table
Table 7-3    SMTP Message
smtp_message table
The ssl_connection and smtp_message tables both have connection_id fields that are passed to the iPlanet Trustbase Transaction Manager running in the application server. This connection_id is stored within the Identrus Log table, allowing queries that link the originator information with the actual requests made.
Table 7-4    OCSP_DATA
ocsp_data table
The URL to which the request was submitted or from which the response was received
Identrus log tables
The default presentation handlers for Identrus messages record the following data for each message that is sent or received.
To reduce the volume of data logged with each Identrus message, the certificates contained within the message header are stripped out and stored in a certificate table. If the iPlanet Trustbase Transaction Manager has already logged a particular certificate in the table, it will not be logged again. The information stored within the table is:
Table 7-5    Certdata
cert_data table
The issuer distinguished name of the certificate, RFC 2253 format string.
The subject distinguished name from the certificate, in RFC 2253 format
This data is designed to be tamper evident, and services should under no circumstances modify data within the Identrus Log or Tamper tables. Tamper checking is achieved by producing a continuous hash that is stored with each record; the current hash is stored within a signed record in a separate tamper table. The Tamper table fields are not described here; see the Installation and Configuration Guide for information on how to check the tamper status of records in the raw log.
The Identrus data table records Identrus-specific message data, which can be related to the raw log records in the raw_data table using the rawrecordid foreign key [see the chapter Logging: Error, Audit and Raw for a description of raw logging].
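The continuous-hash scheme described above can be sketched as follows. This is an added example, not Trustbase code: the record layout, the use of SHA-256, the zero starting value, and the HMAC standing in for the signed tamper record are all assumptions, because this guide does not describe the Tamper table fields.

```python
import hashlib
import hmac

GENESIS = b"\x00" * 32  # assumed starting value for the chain


def link(prev_hash: bytes, payload: bytes) -> bytes:
    """Continuous hash: covers this record's payload and the previous hash."""
    # The length prefix keeps the prev_hash/payload boundary unambiguous.
    data = prev_hash + len(payload).to_bytes(8, "big") + payload
    return hashlib.sha256(data).digest()


def sign_head(key: bytes, count: int, head: bytes) -> bytes:
    """Stand-in for the signed tamper record (HMAC instead of a signature)."""
    return hmac.new(key, count.to_bytes(8, "big") + head, hashlib.sha256).digest()


def append(log: list, tamper: dict, key: bytes, payload: bytes) -> None:
    """Append a raw record, then re-sign the current head in the tamper record."""
    prev = log[-1]["hash"] if log else GENESIS
    head = link(prev, payload)
    log.append({"payload": payload, "hash": head})
    tamper.update(count=len(log), head=head, sig=sign_head(key, len(log), head))


def verify(log: list, tamper: dict, key: bytes) -> str:
    """Return 'ok' or a description of the first inconsistency found."""
    expected_sig = sign_head(key, tamper["count"], tamper["head"])
    if not hmac.compare_digest(tamper["sig"], expected_sig):
        return "tamper record signature invalid"
    prev = GENESIS
    for i, rec in enumerate(log):
        # An edited payload no longer matches the hash stored beside it.
        if link(prev, rec["payload"]) != rec["hash"]:
            return f"record {i} modified"
        prev = rec["hash"]
    # Deleting records, or rewriting every stored hash after an edit,
    # still leaves the chain disagreeing with the signed head.
    if len(log) != tamper["count"] or prev != tamper["head"]:
        return "chain head does not match tamper record"
    return "ok"
```

Storing the signed head outside the log table is what catches an editor who recomputes every per-record hash after changing a payload: without the signing key, the tamper record cannot be brought back into agreement.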
Billing records
Billing records are a subset of the information within the raw message log that provides sufficient information to determine who made each transaction. These tables are designed for use by third-party tools that generate the actual bill for the customer. The definitions for the bill table columns are as follows:
Table 7-6    Bill data
Copyright © 2001 Sun Microsystems, Inc. Some preexisting portions Copyright © 2001 Netscape Communications Corp. All rights reserved.
Last Updated October 31, 2002