Uploaded image for project: 'Runtime'
  1. Runtime
  2. RUNTIME-4076

Log token authentification in forensic logger

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Critical Critical
    • 4.8.4, 4.9.0
    • 4.8.3
    • None
    • None
    • 4.9.0 M2
    • Oui

      Currently, the following event are logged when a user login with a credential provider :

      2024-10-29 10:47:48,428  [session.destroyed] (/cms/_admin/plugins/core-ui/authentication/test.xml) [127.0.0.1] [Unknown Issuer] session.destroyed
      2024-10-29 10:47:48,428  [session.created] (/cms/_admin/plugins/core-ui/authentication/test.xml) [127.0.0.1] [Unknown Issuer] session.created 
      2024-10-29 10:47:48,434  [user.loggedin] (/cms/_admin/plugins/core-ui/authentication/test.xml) [127.0.0.1] [system-user#admin_population] user.loggedin (user::UserIdentity [login=grapin, population=ametys_demo_users])
      2024-10-29 10:47:48,443  [authentication.login] (/cms/_admin/plugins/core-ui/authentication/test.xml) [127.0.0.1] [grapin#ametys_demo_users] authentication.login (user::UserIdentity [login=grapin, population=ametys_demo_users]|credential-provider::org.ametys.core.authentication.FormBased)
      

      That is the following event : session.destroyed -> session.created -> user.loggedin -> authentification.login

      But when authenticating with a token, only the following events are logged :

      2024-10-29 10:48:05,402 [session.destroyed] (/cms/_admin/index.html) [127.0.0.1] [Unknown Issuer] session.destroyed
      2024-10-29 10:48:05,403 [session.created] (/cms/_admin/index.html) [127.0.0.1] [Unknown Issuer] session.created 
      2024-10-29 10:48:05,405 [user.loggedin] (/cms/_admin/index.html) [127.0.0.1] [system-user#admin_population] user.loggedin (user::UserIdentity [login=grapin, population=ametys_demo_users])
      

      That is the following event : session.destroyed -> session.created -> user.loggedin

      No authentification event is logged when authenticating via token.

      More over, the user.loggedin event is not logged when the application is in safe mode.

      So I suggest adding a new authentification.token event when authenticating via token.

            ggouin Guillaume Gouin
            ggouin Guillaume Gouin
            Guillaume Gouin Guillaume Gouin
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: