Audit Log - success/failed authentications
Christopher Bongaarts
cab at umn.edu
Tue Jul 10 18:07:11 EDT 2018
On 7/10/2018 2:24 PM, Cantor, Scott wrote:
>> Can the audit log be configured to capture both successful and failed
>> authentications?
> It logs neither, auditing records the results of completing profile requests. Authentication is not represented formally there, only completed requests. If a profile request completing successfully implies something about authentication, current or otherwise, that's as close as it gets.

If you are using LDAP authentication, you can get ldaptive to at least
log some of this to the idp-process.log (or elsewhere with sufficient
logback wizardry). Easiest way is to set the ldap loglevel variable at
the top of logback.xml to INFO or higher:

    <variable name="idp.loglevel.ldap" value="INFO" />

You'll get more than just the success and failure, and the logs will
reflect the LDAP DN rather than the entered username.

It's possible other authn methods have similar logging that could be
enabled.

--
%% Christopher A. Bongaarts %% cab at umn.edu %%
%% OIT - Identity Management %% http://umn.edu/~cab %%
%% University of Minnesota %% +1 (612) 625-1809 %%
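
One way to send the ldaptive output "elsewhere", shown as an added logback.xml fragment that is not part of the original message or of the Shibboleth distribution. It assumes the file already defines an `idp.logfiles` variable pointing at the IdP log directory; the appender name `LDAP_AUTHN`, the file name `idp-ldap-authn.log` and the 180-day retention are illustrative choices.

```xml
<!-- Added example; LDAP_AUTHN and idp-ldap-authn.log are illustrative names. -->

<!-- Level for ldaptive, set as described in the message above. -->
<variable name="idp.loglevel.ldap" value="INFO" />

<!-- Dedicated rolling file for LDAP authentication events.
     Assumes idp.logfiles is defined earlier in logback.xml. -->
<appender name="LDAP_AUTHN" class="ch.qos.logback.core.rolling.RollingFileAppender">
    <file>${idp.logfiles}/idp-ldap-authn.log</file>
    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
        <!-- One compressed file per day; maxHistory is the number of days kept. -->
        <fileNamePattern>${idp.logfiles}/idp-ldap-authn-%d{yyyy-MM-dd}.log.gz</fileNamePattern>
        <maxHistory>180</maxHistory>
    </rollingPolicy>
    <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
        <charset>UTF-8</charset>
        <pattern>%date{ISO8601} - %level [%logger:%line] - %msg%n</pattern>
    </encoder>
</appender>

<!-- Route everything under org.ldaptive to the dedicated file.
     additivity="false" keeps these events out of idp-process.log;
     remove the attribute to write them to both files.
     If logback.xml already declares a logger for org.ldaptive,
     edit that element instead of adding a second one. -->
<logger name="org.ldaptive" level="${idp.loglevel.ldap}" additivity="false">
    <appender-ref ref="LDAP_AUTHN" />
</logger>
```

Because these entries carry LDAP DNs and more than just success and failure, the new file needs the same access restrictions and retention handling as idp-process.log.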