Impersonation and uu line log in idp_audit
francesco.malvezzi at unimore.it
Fri Aug 27 11:24:56 UTC 2021
thank you so much for the impersonation flow that works great.
Documentation  reads:
"If the policy allows access, the flow will:
add an audit field ("uu") containing the impersonating account so
that it can be recorded in the audit log"
The only log line about impersonation I can find is:
2021-08-27 11:53:27,806 - INFO
[net.shibboleth.idp.profile.interceptor:-2] - Impersonation by principal
'alice' as 'bob' to relying party 'my_relying_party'
Unfortunately the IdP has been upgraded in-place since version 2.4.0 up
to 4.1.4 and I'm pretty sure some of the conf files date back to ancient
So I pretty much suspect the ability to add the uu line in the logs is
coded in a file that it's not up-to-date because there was a small
conflict and upgrade process skipped it.
If you could point to some suspects I can merge by hand,
More information about the users