Re: [cas-user] Inspektr

[Man H]

yes

2018-02-28 17:02 GMT-03:00 Cheltenham, Chris :

> Does anyone use inspektr ?
>
>
>
> I simply changed error to info this entry in log4j2
>
>
>
>  includeLocation="true">
>
> 
>
> 
>
> 
>
>
>
> From what I read this is supposed to log into cas_audit.log.
>
>
>
> Is that all that I am to do?
>
>
>
>
>
>
>
> ===
>
> Thank You;
>
> Chris Cheltenham
> Technology Services
> The School District of Philadelphia
>
> Work # 215-400-5025
> Cell # 215-301-6571
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/014d01d3b0cf%24014a4600%
> 2403ded200%24%40philasd.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMY5miedJoW-Vw7ZGoQJyvYjWJw_JHv3t4gRKUCF4jdSGPJVqw%40mail.gmail.com.

[cas-user] Inspektr

[Cheltenham, Chris]

Does anyone use inspektr ?

 

I simply changed error to info this entry in log4j2

 









 

>From what I read this is supposed to log into cas_audit.log.

 

Is that all that I am to do?

 

 

 

===

Thank You;

Chris Cheltenham
Technology Services
The School District of Philadelphia

Work # 215-400-5025
Cell # 215-301-6571 

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/014d01d3b0cf%24014a4600%2403ded200%24%40philasd.org.

Re: [cas-user] inspektr

[Man H]

This is for creating your own audit entry points.
Cas already defined them, so you just use it.

2018-02-09 17:30 GMT-03:00 Cheltenham, Chris :

> Does anyone have better documentation for inspektr?
>
>
>
>
>
> I just read this
>
>
>
> https://github.com/apereo/inspektr/blob/master/README.md
>
>
>
> and I have NO clue what any of it means.
>
>
>
>
>
>
>
> ===
>
> Thank You;
>
> Chris Cheltenham
> Technology Services
> The School District of Philadelphia
>
> Work # 215-400-5025
> Cell # 215-301-6571
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/00e101d3a1e4%24d132a910%
> 247397fb30%24%40philasd.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMY5mifoC7h77CeR4JWWUsZ0WC6V8PpYvmZnAnuatiXeK74CrQ%40mail.gmail.com.

[cas-user] inspektr

[Cheltenham, Chris]

Does anyone have better documentation for inspektr?

 

 

I just read this 

 

https://github.com/apereo/inspektr/blob/master/README.md

 

and I have NO clue what any of it means.

 

 

 

===

Thank You;

Chris Cheltenham
Technology Services
The School District of Philadelphia

Work # 215-400-5025
Cell # 215-301-6571 

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/00e101d3a1e4%24d132a910%247397fb30%24%40philasd.org.

Re: [cas-user] Inspektr audit says AUTHENTICATION_SUCCESS on authentication failures

[Oscar del Pozo]

Thanks!

El martes, 23 de enero de 2018, 12:50:29 (UTC+1), Dmitriy Kopylenko 
escribió:
>
> https://github.com/apereo/inspektr
>
> D. 
>
>
>
>
> On Tue, Jan 23, 2018 at 5:38 AM -0500, "Oscar del Pozo" <
> oscard...@gmail.com > wrote:
>
> There is a bug in the module inspektr-audit-1.7.1.GA when an Exception is 
>> thrown on an authentication process that ends logging the authentication as 
>> successfully:
>>
>> Logs:
>>
>> 2018-01-23 11:18:18,583 ERROR 
>>> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
>>> >> has failed. Credentials may be incorrect or CAS cannot find 
>>> authentication handler that supports 
>>> [org.apereo.cas.authentication.principal.ClientCredential@77d80cf8[id=]]
>>>  
>>> of type [ClientCredential].>
>>> 2018-01-23 11:18:57,038 INFO 
>>> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - >> trail record BEGIN
>>> =
>>> WHO: null
>>> WHAT: Supplied credentials: 
>>> [org.apereo.cas.authentication.principal.ClientCredential@77d80cf8[id=]]
>>> ACTION: AUTHENTICATION_SUCCESS
>>> APPLICATION: CAS
>>> WHEN: Tue Jan 23 11:18:57 CET 2018
>>> CLIENT IP ADDRESS: 192.168.56.1
>>> SERVER IP ADDRESS: 192.168.56.1
>>> =
>>
>>
>> The bug is located at 
>> *org.apereo.inspektr.audit.AuditTrailManagementAspect@handleAuditTrail(final 
>> ProceedingJoinPoint joinPoint, final Audit audit) throws Throwable*:
>>
>> @Around(value = "@annotation(audit)", argNames = "audit")
>> public Object handleAuditTrail(final ProceedingJoinPoint joinPoint, 
>> final Audit audit) throws Throwable {
>> final AuditActionResolver auditActionResolver = 
>> this.auditActionResolvers.get(audit.actionResolverName());
>> final AuditResourceResolver auditResourceResolver = 
>> this.auditResourceResolvers.get(audit.resourceResolverName());
>>
>> String currentPrincipal = null;
>> String[] auditResource = new String[]{null};
>> String action = null;
>> Object retVal = null;
>> try {
>> retVal = joinPoint.proceed();
>>
>> currentPrincipal = 
>> this.auditPrincipalResolver.resolveFrom(joinPoint, retVal);
>> auditResource = auditResourceResolver.resolveFrom(joinPoint, 
>> retVal);
>> action = auditActionResolver.resolveFrom(joinPoint, retVal, 
>> audit);
>>
>> return retVal;
>> } catch (final Throwable e) {
>> currentPrincipal = 
>> this.auditPrincipalResolver.resolveFrom(joinPoint, e);
>> auditResource = auditResourceResolver.resolveFrom(joinPoint, 
>> e);
>> action = auditActionResolver.resolveFrom(joinPoint, e, 
>> audit);
>> throw e;
>> } finally {
>> executeAuditCode(currentPrincipal, auditResource, joinPoint, 
>> retVal, action, audit);
>> }
>> }
>>
>> The problem here is that the auditActionResolver has two methods:
>>
>> String resolveFrom(JoinPoint auditableTarget, Object retval, Audit audit);
>>
>> String resolveFrom(JoinPoint auditableTarget, Exception exception, Audit 
>> audit);
>>
>> When we try to invoke the second one, we have to cast the exception e to 
>> do not enter in the first method, where the success suffix will be applied 
>> to the audit log.
>>
>> To fix this, the catch block  should be
>>
>> } catch (final Throwable e) {
>> currentPrincipal = 
>> this.auditPrincipalResolver.resolveFrom(joinPoint, e);
>> auditResource = auditResourceResolver.resolveFrom(joinPoint, 
>> e);
>> action = auditActionResolver.resolveFrom(joinPoint, 
>> (Exception) e, audit);
>> throw e;
>> }
>>
>> I would make a pull-request, but I haven't found the source code at 
>> github.
>>
>> -- 
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> --- 
>> You received this message because you are subscribed to the Google Groups 
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to cas-user+u...@apereo.org .
>> To view this discussion on the web visit 
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/019cf236-26be-4c3d-97e6-0bb731b8217e%40apereo.org
>>  
>> 
>> .
>>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on 

[cas-user] Inspektr audit says AUTHENTICATION_SUCCESS on authentication failures

[Oscar del Pozo]

There is a bug in the module inspektr-audit-1.7.1.GA when an Exception is 
thrown on an authentication process that ends logging the authentication as 
successfully:

Logs:

2018-01-23 11:18:18,583 ERROR 
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
>  has failed. Credentials may be incorrect or CAS cannot find 
> authentication handler that supports 
> [org.apereo.cas.authentication.principal.ClientCredential@77d80cf8[id=]]
>  
> of type [ClientCredential].>
> 2018-01-23 11:18:57,038 INFO 
> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] -  trail record BEGIN
> =
> WHO: null
> WHAT: Supplied credentials: 
> [org.apereo.cas.authentication.principal.ClientCredential@77d80cf8[id=]]
> ACTION: AUTHENTICATION_SUCCESS
> APPLICATION: CAS
> WHEN: Tue Jan 23 11:18:57 CET 2018
> CLIENT IP ADDRESS: 192.168.56.1
> SERVER IP ADDRESS: 192.168.56.1
> =


The bug is located at 
*org.apereo.inspektr.audit.AuditTrailManagementAspect@handleAuditTrail(final 
ProceedingJoinPoint joinPoint, final Audit audit) throws Throwable*:

@Around(value = "@annotation(audit)", argNames = "audit")
public Object handleAuditTrail(final ProceedingJoinPoint joinPoint, 
final Audit audit) throws Throwable {
final AuditActionResolver auditActionResolver = 
this.auditActionResolvers.get(audit.actionResolverName());
final AuditResourceResolver auditResourceResolver = 
this.auditResourceResolvers.get(audit.resourceResolverName());

String currentPrincipal = null;
String[] auditResource = new String[]{null};
String action = null;
Object retVal = null;
try {
retVal = joinPoint.proceed();

currentPrincipal = 
this.auditPrincipalResolver.resolveFrom(joinPoint, retVal);
auditResource = auditResourceResolver.resolveFrom(joinPoint, 
retVal);
action = auditActionResolver.resolveFrom(joinPoint, retVal, 
audit);

return retVal;
} catch (final Throwable e) {
currentPrincipal = 
this.auditPrincipalResolver.resolveFrom(joinPoint, e);
auditResource = auditResourceResolver.resolveFrom(joinPoint, e);
action = auditActionResolver.resolveFrom(joinPoint, e, audit);
throw e;
} finally {
executeAuditCode(currentPrincipal, auditResource, joinPoint, 
retVal, action, audit);
}
}

The problem here is that the auditActionResolver has two methods:

String resolveFrom(JoinPoint auditableTarget, Object retval, Audit audit);

String resolveFrom(JoinPoint auditableTarget, Exception exception, Audit 
audit);

When we try to invoke the second one, we have to cast the exception e to do 
not enter in the first method, where the success suffix will be applied to 
the audit log.

To fix this, the catch block  should be

} catch (final Throwable e) {
currentPrincipal = 
this.auditPrincipalResolver.resolveFrom(joinPoint, e);
auditResource = auditResourceResolver.resolveFrom(joinPoint, e);
action = auditActionResolver.resolveFrom(joinPoint, (Exception) 
e, audit);
throw e;
}

I would make a pull-request, but I haven't found the source code at github.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/019cf236-26be-4c3d-97e6-0bb731b8217e%40apereo.org.

[cas-user] Inspektr audit - Failed authentication treated like throttling?

[Jaroslav Kačer]

Dear CAS user/developers,

We are using CAS 5.0.4 with the Inspektr library for storing audit logs 
into a database. We are using it together with login throttling, which 
depends on the data in the audit table.

Everything works just fine, I just spotted a little surprising thing: It 
seems that authentication failures (i.e. input data for the throttling 
mechanism) are reported as actual throttling.  CAS works fine, no actual 
throttling occurs (yet), just the audit log contains little misleading 
information.

In a text log file, it looks like this:

2017-05-23T10:05:02,992 [http-nio-8443-exec-7] DEBUG org.apereo.cas.web.
support.
InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter - 
Recording submission failure for /cas/login
2017-05-23T10:05:02,992 [http-nio-8443-exec-7] WARN org.apereo.cas.web.
support.
InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter - 
Throttling submission from 0:0:0:0:0:0:0:1. More than 5 failed login 
attempts within 60 seconds. Authentication attempt exceeds the failure 
threshold 5


The first line looks OK to me, while the second one does not; no actual 
throttling occurred and this was the 1st failed login attempt.

In the database, it looks like this:
xx...@xxx.com 0:0:0:0:0:0:0:1 0:0:0:0:0:0:0:1 Supplied credentials: [
xx...@xxx.com] AUTHENTICATION_FAILED CAS 22-MAY-17 05.15.13.08600 PM
xx...@xxx.com 0:0:0:0:0:0:0:1 0:0:0:0:0:0:0:1 xx...@xxx.com 
THROTTLED_LOGIN_ATTEMPT CAS 22-MAY-17 05.15.35.07900 PM


(The time difference results from debugging, please ignore it.) Again, the 
first row looks OK, the 2nd one is misleading.

When I look into the source code, 
class 
InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter, 
I can see this method:
@Override
public void recordSubmissionFailure(final HttpServletRequest request) {
recordThrottle(request);
}



Calling recordThrottle(record) here is probably the source of the behavior 
I've just described. I think something else should be called instead. Do 
you agree? Or do I understand it wrong and this behavior is OK?

Thank you!

Best Regards,
Jarda


-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/faf74be0-eaba-4db1-bce8-85060159fcd8%40apereo.org.

Re: [cas-user] inspektr-jdbc-audit-config.xml

[Uxío]

Is the new data base being served from the same host URL and port that served 
the original one?

In case not, have you checked JDBC connectivity to that target destination host 
from the desired source host using another JDBC tool (not Apereo CAS) like a 
CLI client (the SQL*plus like alternative Microsoft provides for connecting to 
the data base they license) or the lovely SchemaSpy tool?

Hope that helped,

Sent from my iPhone

> On 03 Jan 2017, at 17:59, carlos maddaleno cuellar 
>  wrote:
> 
> Hi i need some help im trying to configure my audit to sql server data base 
> on my orale is working fine but when i change the cas.properties to my sql 
> server the log says
> 
> org.springframework.beans.factory.BeanCreationException: Error creating bean 
> with name 'inspektrAuditEntityManagerFactory' defined in class path resource 
> [inspektr-jdbc-audit-config.xml]: Invocation of init method failed; nested 
> exception is javax.persistence.PersistenceException: [PersistenceUnit: 
> default] Unable to build Hibernate SessionFactory
> 
> Caused by: javax.persistence.PersistenceException: [PersistenceUnit: default] 
> Unable to build Hibernate SessionFactory
> 
> 
> Caused by: org.hibernate.exception.GenericJDBCException: Unable to obtain 
> JDBC Connection
> 
> the params on my cas.properties are this:
> 
> #cas.audit.max.agedays=
> #cas.audit.database.dialect=
> #cas.audit.database.batchSize=
> cas.audit.database.ddl.auto=validate
> cas.audit.database.gen.ddl=false
> cas.audit.database.show.sql=true
> cas.audit.database.driverClass=com.microsoft.sqlserver.jdbc.SQLServerDriver
> cas.audit.database.url=jdbc:sqlserver://172.18.141.81\DESA;databaseName=SEGURIDAD_BOLSA_EMPLEO
> cas.audit.database.user=sa_desarrollo
> cas.audit.database.password=EPXV5AA9BQ
> #cas.audit.database.pool.minSize=
> #cas.audit.database.pool.minSize=
> #cas.audit.database.pool.maxSize=
> #cas.audit.database.pool.maxIdleTime=
> #cas.audit.database.pool.maxWait=
> #cas.audit.database.pool.acquireIncrement=
> #cas.audit.database.pool.acquireRetryAttempts=
> #cas.audit.database.pool.acquireRetryDelay=
> #cas.audit.database.pool.idleConnectionTestPeriod=
> #cas.audit.database.pool.connectionHealthQuery=
> 
> 
> cas.audit.database.dialect=org.hibernate.dialect.SQLServerDialect
> 
> 
> 
> -- 
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> --- 
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CANEG9%2BcvcYkq1hay-2mZcpia1y%2BOaYBuOLKLMVNWEfvE9knYbw%40mail.gmail.com.

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/8FB8614F-05FC-43D8-A56B-EFC868671998%40madiva.com.

[cas-user] inspektr-jdbc-audit-config.xml

[carlos maddaleno cuellar]

Hi i need some help im trying to configure my audit to sql server data base
on my orale is working fine but when i change the cas.properties to my sql
server the log says

org.springframework.beans.factory.BeanCreationException: Error creating
bean with name 'inspektrAuditEntityManagerFactory' defined in class path
resource [inspektr-jdbc-audit-config.xml]: Invocation of init method
failed; nested exception is javax.persistence.PersistenceException:
[PersistenceUnit: default] Unable to build Hibernate SessionFactory

Caused by: javax.persistence.PersistenceException: [PersistenceUnit:
default] Unable to build Hibernate SessionFactory


Caused by: org.hibernate.exception.GenericJDBCException: Unable to obtain
JDBC Connection

the params on my cas.properties are this:

#cas.audit.max.agedays=
#cas.audit.database.dialect=
#cas.audit.database.batchSize=
cas.audit.database.ddl.auto=validate
cas.audit.database.gen.ddl=false
cas.audit.database.show.sql=true
cas.audit.database.driverClass=com.microsoft.sqlserver.jdbc.SQLServerDriver
cas.audit.database.url=jdbc:sqlserver://172.18.141.81
\DESA;databaseName=SEGURIDAD_BOLSA_EMPLEO
cas.audit.database.user=sa_desarrollo
cas.audit.database.password=EPXV5AA9BQ
#cas.audit.database.pool.minSize=
#cas.audit.database.pool.minSize=
#cas.audit.database.pool.maxSize=
#cas.audit.database.pool.maxIdleTime=
#cas.audit.database.pool.maxWait=
#cas.audit.database.pool.acquireIncrement=
#cas.audit.database.pool.acquireRetryAttempts=
#cas.audit.database.pool.acquireRetryDelay=
#cas.audit.database.pool.idleConnectionTestPeriod=
#cas.audit.database.pool.connectionHealthQuery=


cas.audit.database.dialect=org.hibernate.dialect.SQLServerDialect

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CANEG9%2BcvcYkq1hay-2mZcpia1y%2BOaYBuOLKLMVNWEfvE9knYbw%40mail.gmail.com.