[jira] [Commented] (KARAF-4436) Extend JAAS auditing with eventadmin
[
https://issues.apache.org/jira/browse/KARAF-4436?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16807864#comment-16807864
]
Stephen Higgs commented on KARAF-4436:
--
[~jbonofre] willing to collaborate on this one if that would be helpful, else I
will look elsewhere.
--Stephen
> Extend JAAS auditing with eventadmin
>
>
> Key: KARAF-4436
> URL: https://issues.apache.org/jira/browse/KARAF-4436
> Project: Karaf
> Issue Type: Improvement
> Components: karaf
>Reporter: Jean-Baptiste Onofré
>Assignee: Jean-Baptiste Onofré
>Priority: Major
>
> Right now, we have the Audit JAAS LoginModules (File and EventAdmin) auditing
> when an user login/logout.
> Unfortunately, in the case of the File, we just have something like:
> {code}
> 03/23/2016 13:17:43 - Authentication attempt - karaf
> 03/23/2016 13:17:43 - Authentication failed - karaf
> 03/23/2016 13:17:48 - Authentication attempt - karaf
> 03/23/2016 13:17:48 - Authentication succeeded - karaf
> 03/23/2016 13:41:14 - Authentication attempt - karaf
> 03/23/2016 13:41:14 - Authentication failed - karaf
> 03/23/2016 13:41:15 - Authentication attempt - karaf
> 03/23/2016 13:41:15 - Authentication succeeded - karaf
> {code}
> In the audit "log", it would be great to "trap" the event provided by shell
> and JMX eventadmin. We would provide a real and complete auditing file.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (KARAF-4436) Extend JAAS auditing with eventadmin
[
https://issues.apache.org/jira/browse/KARAF-4436?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16807857#comment-16807857
]
Stephen Higgs commented on KARAF-4436:
--
[~jbonofre], did you already start work on this one?
> Extend JAAS auditing with eventadmin
>
>
> Key: KARAF-4436
> URL: https://issues.apache.org/jira/browse/KARAF-4436
> Project: Karaf
> Issue Type: Improvement
> Components: karaf
>Reporter: Jean-Baptiste Onofré
>Assignee: Jean-Baptiste Onofré
>Priority: Major
>
> Right now, we have the Audit JAAS LoginModules (File and EventAdmin) auditing
> when an user login/logout.
> Unfortunately, in the case of the File, we just have something like:
> {code}
> 03/23/2016 13:17:43 - Authentication attempt - karaf
> 03/23/2016 13:17:43 - Authentication failed - karaf
> 03/23/2016 13:17:48 - Authentication attempt - karaf
> 03/23/2016 13:17:48 - Authentication succeeded - karaf
> 03/23/2016 13:41:14 - Authentication attempt - karaf
> 03/23/2016 13:41:14 - Authentication failed - karaf
> 03/23/2016 13:41:15 - Authentication attempt - karaf
> 03/23/2016 13:41:15 - Authentication succeeded - karaf
> {code}
> In the audit "log", it would be great to "trap" the event provided by shell
> and JMX eventadmin. We would provide a real and complete auditing file.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (KARAF-6222) add MAX_CONCURRENT_SESSIONS option to Karaf ssh server
[ https://issues.apache.org/jira/browse/KARAF-6222?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16806775#comment-16806775 ] Stephen Higgs commented on KARAF-6222: -- [~jbonofre], thanks, if you can't find it I have the edits already done also. > add MAX_CONCURRENT_SESSIONS option to Karaf ssh server > -- > > Key: KARAF-6222 > URL: https://issues.apache.org/jira/browse/KARAF-6222 > Project: Karaf > Issue Type: Improvement > Components: karaf >Affects Versions: 4.2.4 >Reporter: Stephen Higgs >Assignee: Jean-Baptiste Onofré >Priority: Minor > Labels: sshd > Fix For: 4.3.0, 4.2.5 > > > Add a MAX_CONCURRENT_SESSIONS option, available in sshd, that will enforce > the maximum number of open/concurrent ssh sessions per user. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (KARAF-6222) add MAX_CONCURRENT_SESSIONS option to Karaf ssh server
Stephen Higgs created KARAF-6222: Summary: add MAX_CONCURRENT_SESSIONS option to Karaf ssh server Key: KARAF-6222 URL: https://issues.apache.org/jira/browse/KARAF-6222 Project: Karaf Issue Type: Improvement Components: karaf Affects Versions: 4.2.4 Reporter: Stephen Higgs Add a MAX_CONCURRENT_SESSIONS option, available in sshd, that will enforce the maximum number of open/concurrent ssh sessions per user. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (KARAF-6220) add principal info to audit logs
[ https://issues.apache.org/jira/browse/KARAF-6220?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16806181#comment-16806181 ] Stephen Higgs commented on KARAF-6220: -- Coding complete, creating pull request > add principal info to audit logs > > > Key: KARAF-6220 > URL: https://issues.apache.org/jira/browse/KARAF-6220 > Project: Karaf > Issue Type: Improvement > Components: karaf >Affects Versions: 4.2.4 >Reporter: Stephen Higgs >Priority: Minor > > Audit logs currently only show user principal name and action (authentication > attempted, failed, etc.). Add information available in ClientPrincipal > object to show access method and remote access location (IP address). -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (KARAF-6220) add principal info to audit logs
Stephen Higgs created KARAF-6220: Summary: add principal info to audit logs Key: KARAF-6220 URL: https://issues.apache.org/jira/browse/KARAF-6220 Project: Karaf Issue Type: Improvement Components: karaf Affects Versions: 4.2.4 Reporter: Stephen Higgs Audit logs currently only show user principal name and action (authentication attempted, failed, etc.). Add information available in ClientPrincipal object to show access method and remote access location (IP address). -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (KARAF-5772) HTTP proxy should be able to support several addresses with round-robin
[ https://issues.apache.org/jira/browse/KARAF-5772?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16678433#comment-16678433 ] Stephen Higgs commented on KARAF-5772: -- [~jbonofre], is the intent here to specify a BalancingPolicy for each alias, or a global BalancingPolicy? If the former, what would that configuration look like? > HTTP proxy should be able to support several addresses with round-robin > --- > > Key: KARAF-5772 > URL: https://issues.apache.org/jira/browse/KARAF-5772 > Project: Karaf > Issue Type: Improvement > Components: karaf >Reporter: Jean-Baptiste Onofré >Assignee: Jean-Baptiste Onofré >Priority: Major > Labels: http, proxy > Fix For: 4.2.2 > > > The Karaf HTTP proxy servlet should be able to round-robin or random pick up > a target destination if several are provided. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
