From: Brett D. G. <Brett.Dellegrazie@Intact-is.com> - 2010-08-17 08:41:07
|
I've just checked my current ONMS installation (1.8.2 on Debian) and realised that the security events are propagated by a proxy bean. So the two beans described in my post below are probably not necessary (they are the 'raw' Spring Security events, not the sanitised ones from the OpenNMS webapp). Probably you just need to set the logging level to INFO or WARN. If you use the bean definitions below instead you will need to look in the misc.log Best Regards, Brett -----Original Message----- From: Brett Delle Grazie Sent: Tue 17/08/2010 08:41 To: General OpenNMS Discussion Subject: Re: [opennms-discuss] webauth.log empty Hello, You need to set the logging level to 'WARN' or 'INFO'. From what I remember, there is no such logging level called 'ALL' (read the top of the log4j.properties file to confirm). Secondly, you will also need to add the following bean definition to your applicationContext-springSecurity.xml file: This bean provides authentication information: <beans:bean id="authenticationLoggerListener" class="org.springframework.security.authentication.event.LoggerListener" => This bean provides authorisation information (if you need it): <beans:bean id="authorisationLoggerListener" class="org.springframework.security.access.event.LoggerListener" /> For authorisation bean, failures are logged at 'WARN' level, success events are logged at 'INFO' level. So if you need success authorisation events, change the logging level to 'INFO'. Also I'm not sure what log file these events will appear in - it might be the catch all one. On Thu, 2010-08-05 at 09:58 +0200, olaf balzer wrote: > Dear Members, > > I have installed lastet 32-bit Linux verrsion of Opennms. > For security reasons, we need to parse all Application activities into > a central log repository. > Especially, we want to keep an eye on the login logout activities. > I would expect those messages in the webauth.log, but on my machine it > is empty, although I have logged and logged out a couple of times and > set the level to ALL. > > Here is the log4j configuration. Is there something wrong ? > > # Web UI (Authentication) > log4j.category.OpenNMS.WEB.AUTH=ALL, WEBAUTH > log4j.additivity.OpenNMS.WEB.AUTH=false > log4j.appender.WEBAUTH=org.apache.log4j.RollingFileAppender > log4j.appender.WEBAUTH.MaxFileSize=2MB > log4j.appender.WEBAUTH.MaxBackupIndex=2 > log4j.appender.WEBAUTH.File=/opt/opennms/logs/webapp/webauth.log > log4j.appender.WEBAUTH.layout=org.apache.log4j.PatternLayout > log4j.appender.WEBAUTH.layout.ConversionPattern=%d %-5p [%t] %c{1}: %m > %n > > THKS and BR Olaf > -- Best Regards, Brett Delle Grazie ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ |