Log failed authentications

Ignacio Amoeiro Bosch ignacio.amoeiro at extern.ibsalut.es
Wed May 13 15:30:46 UTC 2020

Ok, didn't knew about the rest service


-----Mensaje original-----
De: users <users-bounces at shibboleth.net> En nombre de Cantor, Scott
Enviado el: miércoles, 13 de mayo de 2020 15:56
Para: Shib Users <users at shibboleth.net>
Asunto: Re: Log failed authentications

On 5/13/20, 9:49 AM, "users on behalf of Ignacio Amoeiro Bosch" <users-bounces at shibboleth.net on behalf of ignacio.amoeiro at extern.ibsalut.es> wrote:

> Is possible to audit failed login authentications in audit-event logger?

No. That's impossible in general because most of them end up back on the login page waiting for another attempt. Auditing is at the request/response level of the overall profile attempt. Failed logins are a diagnostic logging use case. Failed authentication overall in the cases that a flow actually terminates in some way are audited with various event signals and/or SAML status results.

Failed logins are also tracked numerically with metrics via counters.

-- Scott

For Consortium Member technical support, see https://ddec1-0-en-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=https%3a%2f%2fwiki.shibboleth.net%2fconfluence%2fx%2fcoFAAg&umid=f4392991-98d0-4d6b-bbe6-3f8051ba64c1&auth=1c980b950b810d2ebe959a136e6fc6796ec23183-84162c7878b34814da0c5a0aa790d17dda5166d6
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net

More information about the users mailing list