Versions Compared

Old Version 21

changes.mady.by.user ScottS

Saved on

compared with

New Version 22

changes.mady.by.user ScottS

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

A more detailed outline is as follows:

No Format

Logging

...

 
a.	Log requirements from security group

...


  i.	ability to identify who was logged on based on IP address.

...


  ii.	ability to identify who was logged on based on date and time.

...


  iii.	online logs retained for at least two weeks

...


  iv.	archived logs retained for at least one quarter

...


b.	User interactions:

...

 
  i.	time, WEB LOGIN SERVICE_SID, username, IP, referrer, browser, event description

...


  ii.	events logged

...


    1.	sees login screen (asked for authentication)

...

 
    2.	successful authentication

...


    3.	requested warnings (checkbox checked)

...


    4.	unsuccessful authentication

...


    5.	authentication warning screen presented (due to user's request)

...


    6.	inactivity timeout (session)

...


    7.	wall clock timeout (TGT)

...

 
    8.	bad attempt lockout (within WEB LOGIN SERVICE; WEB LOGIN SERVICE won't know about LDAP)

...


    9.  logout

...


c.	Ticket events

...


  i.	time, granting/validating, WEB LOGIN SERVICE_SID, success/no, username,
        IP (of user/of service host), browser/?, referrer, target service, ticket value

...


  ii.	(WEB LOGIN SERVICE session id = something that is given to the user at the very first
        interaction-- so we can track the user's WEB LOGIN SERVICE session across all requests)

...

 
d.	Error logging

...


  i.	authn store check failed (LDAP or Ecomms or ...)

...


    1.	time, username, authn store, detailed error

...

 
  ii.	other exceptions - code audit for ideas

...

 
e.	Log format

...


  i.	Tab separated file

...


  ii.	Columns as follows

...


    1.	date/time - YYYY-MM-DD HH:MI:SS,MIL

...


      a.	HH = 24 hour with leading

...

 zero
      b.	MIL = Milliseconds, 3 digits

...


    2.	Event

...

 type
      a.	LOGIN_DISPLAY

...


      b.	AUTHN_LDAP

...


      c.	AUTHN_<....> (other AuthN handler)

...


      d.	CRED_PASS

...


      e.	TICKET_GRANT

...


      f.	TICKET_VALIDATE

...


      g.

...

	LOGOUT
      h.	INACTIVITY_TIMEOUT

...


      i.	WALL_CLOCK_TIMEOUT

...


      j.	BAD_AUTHN_LOCKOUT

...


      k.	WARNINGS_REQUESTED

...

 
    3.	Session ID - 128 bit in hex format

...


    4.	username - email address format

...


    5.	IP address - IP source of request

...


    6.	success/fail - status of request (where appropriate: b,c,e,f)

...


    7.	Service URL (where appropriate: d,e,f)

...


    8.	Ticket ID (where appropriate: e,f)

Who has done this

Cal Poly.

...