Feature/Migration to Liferay 74

.github/workflows/build.yml

@@ -0,0 +1,38 @@
+name: SonarCloud
+on:
+        push:
+                branches:
+                        - master
+                        - feature/migrazione-liferay-74
+        pull_request:
+                types: [opened, synchronize, reopened]
+jobs:
+        build:
+                name: Build and analyze
+                runs-on: ubuntu-latest
+                steps:
+                        - uses: actions/checkout@v3
+                          with:
+                                  fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+                        - name: Set up JDK 11
+                          uses: actions/setup-java@v3
+                          with:
+                                  java-version: 11
+                                  distribution: 'zulu' # Alternative distribution options are available
+                        - name: Cache SonarCloud packages
+                          uses: actions/cache@v3
+                          with:
+                                  path: ~/.sonar/cache
+                                  key: ${{ runner.os }}-sonar
+                                  restore-keys: ${{ runner.os }}-sonar
+                        - name: Cache Gradle packages
+                          uses: actions/cache@v3
+                          with:
+                                  path: ~/.gradle/caches
+                                  key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+                                  restore-keys: ${{ runner.os }}-gradle
+                        - name: Build and analyze
+                          env:
+                                  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+                                  SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+                          run: ./gradlew build sonar --info

.github/workflows/gradle-publish.yml

@@ -7,19 +7,22 @@ on:
   release:
     types: [created]
   push:
-    branches: [ master ]
+    branches:
+      - master
+      - feature/migrazione-liferay-74
 
 jobs:
   build:
 
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
-      - name: Set up JDK 1.8
-        uses: actions/setup-java@v1
+      - uses: actions/checkout@v3
+      - name: Set up JDK 11
+        uses: actions/setup-java@v3
         with:
-          java-version: 1.8
+          java-version: 11
+          distribution: 'adopt'
           server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
           settings-path: ${{ github.workspace }} # location for the settings.xml file
 

CHANGELOG.markdown

@@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## [1.4.0] - 2023-07-25
+### Added
+- Added support for Liferay 7.4 GA85
+- Added new Slack Audit Message Processor
+
 ## [1.3.1] - 2020-09-04
 ### Added
 - Added support for Liferay 7.3 GA5

LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright 2009-2021 Antonio Musarra's Blog - https://www.dontesta.it
+Copyright 2009-2023 Antonio Musarra's Blog - https://www.dontesta.it
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,8 +1,7 @@
 # Liferay 7 Portal Security Audit
 [![Antonio Musarra's Blog](https://img.shields.io/badge/maintainer-Antonio_Musarra's_Blog-purple.svg?colorB=6e60cc)](https://www.dontesta.it)
-[![Build Status](https://travis-ci.org/amusarra/liferay-portal-security-audit.svg?branch=master)](https://travis-ci.org/amusarra/liferay-portal-security-audit)
+![Build and Package Status](https://github.com/amusarra/liferay-portal-security-audit/actions/workflows/gradle-publish.yml/badge.svg)
 [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=amusarra_liferay-portal-security-audit&metric=alert_status)](https://sonarcloud.io/dashboard?id=amusarra_liferay-portal-security-audit)
-[![Twitter Follow](https://img.shields.io/twitter/follow/antonio_musarra.svg?style=social&label=%40antonio_musarra%20on%20Twitter&style=plastic)](https://twitter.com/antonio_musarra)
 
 
 This project refers to the ebook [Liferay Portal Security Audit](https://goo.gl/AC8VRo) published by
@@ -11,10 +10,10 @@ This project refers to the ebook [Liferay Portal Security Audit](https://goo.gl/
 At the beginning of the article the source code of
 Liferay Portal Security Audit (freely available on GitHub) was examined.
 Later, in the article we also discussed how to implement the OSGi components
-necessary to obtain a Audit Service system running on the Community Edition of
+necessary to obtain an Audit Service system running on the Community Edition of
 Liferay. The project is organized as described in Table 1.
 
-![Liferay Portal Security Audit - Architecture](https://www.dontesta.it/wp-content/uploads/2018/01/LiferayPortalSecurityAuditArchitecture_v1.0.0.png)
+![Liferay Portal Security Audit - Architecture](docs/images/macro_architecture_of_liferay_portal_security_audit.jpg)
 
 Figure 1. Macro Architecture of Liferay Portal Security Audit
 
@@ -30,7 +29,7 @@ Version 7.1 of Liferay has *introduced the implementation of a default router*,
 for this reason in this version of the project there is no longer the bundle
 **portal-security-audit-router**.
 
-The module **portal-security-audit-capture-events** contains the follow OSGi components for capture this events:
+The module **portal-security-audit-capture-events** contains the follow OSGi components for capture these events:
 1. Login Failure
 2. Login Post Action
 3. Logout Post Action
@@ -40,6 +39,7 @@ The module **portal-security-message-processor** contains the follow OSGi compon
 2. Login Failure Message Processor
 3. Cloud AMQP Audit Message Processor
 4. Syslog Audit Message Processor (from version 1.3.0)
+5. Slack Audit Message Processor (from version 1.4.0)
 
 For more information about the *Cloud AMQP Audit Message Processor* I advise you to read
 [CloudAMQP Audit Message Processor for Liferay 7/DXP](https://dzone.com/articles/liferay-7-cloud-amqp-audit-message-processor)
@@ -57,69 +57,87 @@ $ cd liferay-portal-security-audit
 $ ./gradlew clean deploy
 $ cp ../bundles/osgi/modules/*.jar $LIFERAY_HOME/deploy/
 ```
+Console 1 - Steps to obtain and install the modules
 
-In the my case $LIFERAY_HOME is set on this directory 
-/Users/antoniomusarra/dev/liferay/liferay-ce-portal-7.2.1-ga2
+In the case `$LIFERAY_HOME` is set on this directory 
+`/Users/amusarra/dev/liferay/liferay-ce-portal-7.2.1-ga2`
 
 Verify the correct deployment of the two bundles via the Liferay log file or
-through the Gogo Shell using the lb command, making sure that the status is
+through the Gogo Shell using the `lb` command, making sure that the status is
 Active.
 
 From Liferay version 7.1 GA1 access to the GogoShell via telnet has been disabled. 
 To re-enable access, you need to set the portal in developer mode. Form more info
-read this [setting developer mode for your server using portal-developer.properties](https://dev.liferay.com/en/develop/tutorials/-/knowledge_base/7-1/using-developer-mode-with-themes#setting-developer-mode-for-your-server-using-portal-developer-properties)
+read this [setting developer mode for your server using portal-developer.properties](https://help.liferay.com/hc/en-us/articles/360018162091-Using-Developer-Mode-with-Themes)
+
+You can use Docker to run a Liferay 7.4 GA85 instance and deploy the bundles.
+Using the following Docker command. Form more information about Liferay Docker,
+read this [Starting with a Docker Image](https://learn.liferay.com/w/dxp/getting-started/starting-with-a-docker-image?p_l_back_url=%2Fsearch%3Fq%3DDocker&highlight=Docker)
+
+```
+$ docker run -it -m 8g -p 8080:8080 -p 11311:11311 -v $(pwd):/mnt/liferay liferay/portal:7.4.3.85-ga85
+```
+Console 2 - Run Liferay 7.4 GA85 as container
 
 ```
 $ telnet localhost 11311
 
 g! lb Audit
 START LEVEL 20
    ID|State      |Level|Name
-  940|Active     |   10|Liferay CE Foundation - Liferay CE Portal Security Audit - API (1.0.0)|1.0.0
-  941|Active     |   10|Liferay Portal Security Audit API (5.0.9)|5.0.9
-  942|Active     |   10|Liferay Portal Security Audit Event Generators API (4.0.6)|4.0.6
-  943|Active     |   10|Liferay Portal Security Audit Storage API (5.2.7)|5.2.7
-  944|Active     |   10|Liferay CE Foundation - Liferay CE Portal Security Audit - Impl (1.0.0)|1.0.0
-  945|Active     |   10|Liferay Portal Security Audit Event Generators User Management (4.0.7)|4.0.7
-  946|Active     |   10|Liferay Portal Security Audit Implementation (3.0.6)|3.0.6
-  947|Active     |   10|Liferay Portal Security Audit Router (5.0.11)|5.0.11
-  948|Active     |   10|Liferay Portal Security Audit Storage Service (5.0.17)|5.0.17
-  949|Active     |   10|Liferay Portal Security Audit Wiring (5.0.5)|5.0.5
- 1386|Active     |   15|Liferay Portal Security Audit Capture Events (1.1.1.SNAPSHOT)|1.1.1.SNAPSHOT
- 1387|Active     |   15|Liferay Portal Security Audit Message Processor (1.2.1.SNAPSHOT)|1.2.1.SNAPSHOT
+ 1113|Active     |   10|Liferay CE Foundation - Liferay CE Portal Security Audit - API (1.0.0)|1.0.0
+ 1114|Active     |   10|Liferay Portal Security Audit API (8.0.0)|8.0.0
+ 1115|Active     |   10|Liferay Portal Security Audit Event Generators API (6.2.0)|6.2.0
+ 1116|Active     |   10|Liferay Portal Security Audit Storage API (8.0.0)|8.0.0
+ 1204|Active     |   10|Liferay CE Foundation - Liferay CE Portal Security Audit - Impl (1.0.0)|1.0.0
+ 1205|Active     |   10|Liferay Portal Security Audit Event Generators User Management (5.0.11)|5.0.11
+ 1206|Active     |   10|Liferay Portal Security Audit Implementation (4.0.7)|4.0.7
+ 1207|Active     |   10|Liferay Portal Security Audit Router (6.0.19)|6.0.19
+ 1208|Active     |   10|Liferay Portal Security Audit Storage Service (6.0.37)|6.0.37
+ 1209|Active     |   10|Liferay Portal Security Audit Wiring (6.0.21)|6.0.21
+ 1609|Active     |   10|Liferay Portal Security Audit Capture Events (1.2.0.SNAPSHOT)|1.2.0.SNAPSHOT
+ 1610|Active     |   10|Liferay Portal Security Audit Message Processor (1.3.0.SNAPSHOT)|1.3.0.SNAPSHOT
 ```
+Console 3 - Verify the correct deployment of the two bundles via the Gogo Shell
 
-As you can see, version 7.2 of Liferay has introduced several more bundles about 
+As you can see, since version 7.2 of Liferay has introduced several more bundles about 
 the audit framework. One of the most important bundles is the one implements 
 the Audit Router.
 
 After installing the two bundles, you can access the configuration via the
 Liferay control panel.
 
-![Liferay Portal Security Audit - Configuration](https://www.dontesta.it/wp-content/uploads/2018/09/LiferayPortalSecurityAudit_Configuration_1.png)
+![Liferay Portal Security Audit - Configuration](docs/images/osgi_configuration_audit.png)
 
 Figure 1. OSGi Configuration of the Audit bundles.
 
-![Liferay Portal Security Audit - Audit Configuration](https://www.dontesta.it/wp-content/uploads/2018/09/LiferayPortalSecurityAudit_Configuration_2.png)
+![Liferay Portal Security Audit - Audit Configuration](docs/images/osgi_configuration_custom_message_audit_processor.jpg)
 
 Figure 2. General Audit Configuration and configuration for the custom Audit Message Processor.
 
-![Liferay Portal Security Audit - Dummy Message Processor Configuration](https://www.dontesta.it/wp-content/uploads/2018/09/LiferayPortalSecurityAudit_Configuration_3.png)
+![Liferay Portal Security Audit - Dummy Message Processor Configuration](docs/images/osgi_configuration_dummy_message_audit_processor.png)
 
 Figure 3. OSGi Configuration of the Dummy Message Audit Processor.
 
-![Liferay Portal Security Audit - Login Failure Message Processor Configuration](https://www.dontesta.it/wp-content/uploads/2018/09/LiferayPortalSecurityAudit_Configuration_4.png)
+![Liferay Portal Security Audit - Login Failure Message Processor Configuration](docs/images/osgi_configuration_login_message_audit_processor.png)
 
 Figure 4. OSGi Configuration of the Login Failure Message Audit Processor.
 
-![Liferay Portal Security Audit - CloudAMQP Message Processor Configuration](https://www.dontesta.it/wp-content/uploads/2018/09/LiferayPortalSecurityAudit_Configuration_5.png)
+![Liferay Portal Security Audit - CloudAMQP Message Processor Configuration](docs/images/osgi_configuration_cloud_amqp_message_audit_processor.png)
 
 Figure 5. OSGi Configuration of the CloudAMQP Message Audit Processor.
 
-![Liferay Portal Security Audit - Syslog Message Processor Configuration](https://www.dontesta.it/wp-content/uploads/2020/09/LiferayPortalSecurityAudit_Configuration_6.png)
+![Liferay Portal Security Audit - Syslog Message Processor Configuration](docs/images/osgi_configuration_syslog_message_audit_processor.png)
 
 Figure 6. OSGi Configuration of the Syslog Message Audit Processor.
 
+![Liferay Portal Security Audit - Slack Message Processor Configuration](docs/images/osgi_configuration_slack_message_audit_processor.jpg)
+
+Figure 7. OSGi Configuration of the Slack Message Audit Processor.
+
+The Slack Audit Message Processor use the [Slack Web API](https://api.slack.com/web) to send messages 
+to Slack using the [Incoming Webhooks](https://api.slack.com/messaging/webhooks) feature.
+
 If you enable Audit, then the two message processors and finally the Scheduler
 Helper Engine, on Liferay log files, you will see the audit messages (of the
 running jobs, of the login processes, etc.). If you were to fail the login
@@ -163,9 +181,13 @@ Sep  4 13:38:38 192.168.1.7 myLiferayInstance {"classPK":"35501","companyId":"20
 Log 4. Entry on the remote syslog server with two different message format. 
 
 
-![Liferay PortalSecurity Audit - Login Failure Audit Message Processor Email Report](https://www.dontesta.it/wp-content/uploads/2018/01/LiferayPortalSecurityAuditConfiguration_4.png)
+![Liferay Portal Security Audit - Login Failure Audit Message Processor Email Report](docs/images/email_login_failure.png)
+
+Figure 8. Email send by Login Failure Audit Message Processor
+
+![Liferay Portal Security Audit - Login Failure Audit Message Processor Slack Message](docs/images/audit_message_on_slack.jpg)
 
-Figure 6. Email send by Login Failure Audit Message Processor
+Figure 9. Login Failure Audit Message Processor Slack Message
 
 ## Team Tools
 
@@ -183,7 +205,7 @@ Thanks to SonarQube Team for free analysis solution for open source projects.
 ## License
 MIT License
 
-Copyright 2009-2021 Antonio Musarra's Blog - https://www.dontesta.it
+Copyright 2009-2023 Antonio Musarra's Blog - https://www.dontesta.it
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

build.gradle

@@ -1,16 +1,12 @@
 buildscript {
     dependencies {
-        classpath group: "com.gradle", name: "build-scan-plugin",
-                version: "1.16"
         classpath group: "com.liferay", name: "com.liferay.gradle.plugins",
-                version: "4.4.34"
-        classpath "org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.7"
+                version: "14.0.158"
+        classpath "org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:4.2.1.3168"
     }
 
     repositories {
-        maven {
-            url "https://plugins.gradle.org/m2/"
-        }
+        mavenCentral()
         maven {
             url "https://repository-cdn.liferay.com/nexus/content/groups/public"
         }
@@ -58,15 +54,12 @@ subprojects {
     }
 }
 
-apply plugin: "com.gradle.build-scan"
 apply plugin: "org.sonarqube"
 
-buildScan {
-    termsOfServiceUrl = "https://gradle.com/terms-of-service"
-    termsOfServiceAgree = "yes"
-}
-
-task wrapper(type: Wrapper) {
-    gradleVersion = '4.10'
-    jarFile = "${project.projectDir}/gradle/wrapper/gradle-wrapper.jar"
+sonar {
+    properties {
+        property "sonar.projectKey", "amusarra_liferay-portal-security-audit"
+        property "sonar.organization", "amusarra-github"
+        property "sonar.host.url", "https://sonarcloud.io"
+    }
 }

copyright.txt

@@ -1,5 +1,5 @@
 /**
- * Copyright 2009-2021 Antonio Musarra's Blog - https://www.dontesta.it
+ * Copyright 2009-2023 Antonio Musarra's Blog - https://www.dontesta.it
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal

gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,5 @@
-#Sun Jan 21 20:53:54 CET 2018
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-6.6.1-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-4.10.3-bin.zip

gradlew.bat

@@ -63,7 +63,7 @@ set CMD_LINE_ARGS=%*
 :execute
 @rem Setup the command line
 
-set CLASSPATH=%APP_HOME%\.gradle-wrapper\gradle-wrapper.jar
+set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
 
 @rem Execute Gradle
 "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%

portal-security-audit-capture-events/build.gradle

@@ -1,10 +1,10 @@
 apply plugin: "com.liferay.plugin"
 
 dependencies {
-	compileOnly group: "com.liferay.portal", name: "release.portal.api", version: "7.3.5-ga6"
+	compileOnly group: "com.liferay.portal", name: "release.portal.api", version: "7.4.3.85-ga85"
 }
 
-version = "1.1.1-SNAPSHOT"
+version = "1.2.0-SNAPSHOT"
 
 jar {
 	bnd ('Bundle-Version': project.version)

portal-security-audit-message-processor/build.gradle

@@ -4,11 +4,11 @@ dependencies {
 	compileInclude group: "com.cloudbees", name: "syslog-java-client", version: "1.1.7"
 	compileInclude group: "com.rabbitmq", name: "amqp-client", version: "5.13.1"
 
-	compileOnly group: "com.liferay.portal", name: "release.portal.api", version: "7.3.5-ga6"
+	compileOnly group: "com.liferay.portal", name: "release.portal.api", version: "7.4.3.85-ga85"
 	compileOnly group: "javax.mail", name: "mail", version: "1.4"
 }
 
-version = "1.2.1-SNAPSHOT"
+version = "1.3.0-SNAPSHOT"
 
 jar {
 	bnd ('Bundle-Version': project.version)