[mitreid-connect] Audit logging?

Fredrik Jönsson fjo at kth.se
Tue Feb 3 04:46:38 EST 2015


> On 2 Feb 2015, at 20:57, Justin Richer <jricher at mit.edu> wrote:
> 
> That's interesting, org.mitre should of course be configured separately but it should still be configurable. We have it set out of the box to the "INFO" logging level.

It is configurable in log4j. What I meant is that currently there are almost no calls to any logger pretty much anywhere in the org.mitre code base as far as I can see.

> It also sounds like what you're after is more of a discrete event log as opposed to application processing. That aligns with the feature style that we had in mind too, so I think that we can pretty readily come up with a solution that fits both our use cases and have it (or at least the framework) be a part of 1.2.0.

Sounds great.

> I'll look into the CAS server you mentioned to see how they do it, but any information you can provide regarding what you like about it and not, I would appreciate learning from that perspective.

Essentially the default cas.log in Jasig CAS prints out a comprehensive list of requests with results. 
E.g.,
* user x requested a service ticket for service y and service ticket st was granted
* service y validated service ticket st
* user z requested a ticket granting ticket but was denied due to bad credentials

They are logged through a specific component so that they are easily separated and can be sent to a central log-server.

The MitreID Connect server has similar events, albeit more of them and more complex.

An improvement over the Jasig CAS log would be to use some format more easily integrated with logstash.

Best regards,
/Fredrik
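
An added example, not part of the original message or the MITREid Connect code base: the three event kinds listed above, emitted as one JSON object per line through a dedicated logger so they can be routed separately and parsed by logstash. It uses java.util.logging from the JDK in place of log4j so it runs without dependencies; the logger name, event names and field names are assumptions.

```java
import java.time.Instant;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.logging.*;

public class AuditLogExample {
    // Dedicated logger (hypothetical name) so audit events can be routed on their own.
    static final Logger AUDIT = Logger.getLogger("audit.events");

    // Escape a value for a JSON string; control characters are escaped so a
    // user-supplied value cannot break the one-event-per-line framing.
    static String esc(String s) {
        StringBuilder b = new StringBuilder();
        for (char c : s.toCharArray()) {
            if (c == '"' || c == '\\') b.append('\\').append(c);
            else if (c < 0x20) b.append(String.format("\\u%04x", (int) c));
            else b.append(c);
        }
        return b.toString();
    }

    // Render one event as a single-line JSON object.
    static String toJson(String event, String outcome, Map<String, String> fields) {
        StringBuilder b = new StringBuilder("{\"@timestamp\":\"" + Instant.now() + "\"");
        b.append(",\"event\":\"").append(esc(event)).append('"');
        b.append(",\"outcome\":\"").append(esc(outcome)).append('"');
        for (Map.Entry<String, String> e : fields.entrySet())
            b.append(",\"").append(esc(e.getKey())).append("\":\"").append(esc(e.getValue())).append('"');
        return b.append('}').toString();
    }

    // Log one event; kv is a flat list of field name/value pairs.
    static void audit(String event, String outcome, String... kv) {
        Map<String, String> fields = new LinkedHashMap<>();
        for (int i = 0; i + 1 < kv.length; i += 2) fields.put(kv[i], kv[i + 1]);
        AUDIT.info(toJson(event, outcome, fields));
    }

    public static void main(String[] args) {
        Handler h = new ConsoleHandler(); // stand-in for a file or network handler
        h.setFormatter(new Formatter() {
            @Override public String format(LogRecord r) { return r.getMessage() + "\n"; }
        });
        AUDIT.setUseParentHandlers(false); // keep audit lines out of the application log
        AUDIT.addHandler(h);
        // Constructed sample events mirroring the three CAS examples above.
        audit("SERVICE_TICKET_REQUEST", "granted", "user", "x", "service", "y", "ticket", "st");
        audit("SERVICE_TICKET_VALIDATION", "success", "service", "y", "ticket", "st");
        audit("TGT_REQUEST", "denied", "user", "z", "reason", "bad credentials");
    }
}
```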



