Authentication Logging - source IP address

Issue #794 resolved
Stephen Bowles
created an issue

Hello,

We have an Active Directory integrated scm-server deployment. Some users are finding their accounts being locked out. We can confirm the requests are coming from the scm-server, however that's all we can do.

Logging, using TRACE, does not show any useful information such as source IP address, from what we can see.

We have tried upgrading from 1.40 to 1.46, but still, no joy.

We can see from some commit logs that it looks like changes were made to log out source IP addresses for authentication requests, but we are unsure of how to make use of this? Could you please advise?

The goal/request:

* To log out source IP address for authentication failed requests.

Thank you.

Comments (11)

  1. Sebastian Sebastian repo owner

    This is already possible with slf4j/logback mdc. SCM-Manager sets mdcs for username, client_ip, client_host (MDCFilter). To log the value of a mdc, add it to the pattern of your appender e.g.:

    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
    
      <encoder>
          <pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %X{client_ip} %-5level %logger - %msg%n</pattern>
      </encoder>
    
    </appender>
    

    For more information on mdc, please have a look at the logback documentation.

  2. Stephen Bowles reporter

    Thank you Sebastian.

    We have made the changes to the configuration file (direct copy of your example), however it is still not outputting the IP address - instead, a whitespace is there now?

    Also tried: <pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %client_ip% %client_host% %username% %X{client_ip} %-5level %logger - %msg%n</pattern>

    Confirmed we are running 1.46.

    Is there something else we need to change/check for the IP address to be outputted in the logs? E.g., running a higher level of logging? (We tried TRACE - still no joy).

    Thank you.

  3. Stephen Bowles reporter

    Thank you Sebastian.

    We have scm-manager installed on a Windows box, installed using "scm-server install", after downloading the .zip file and extracting. I wasn't involved in the initial project, but it looks like Tomcat, judging by the services.

    Please find our logging.xml below :-

    <?xml version="1.0" encoding="UTF-8"?>
    <!--
    
        Copyright (c) 2010, Sebastian Sdorra
        All rights reserved.
    
        Redistribution and use in source and binary forms, with or without
        modification, are permitted provided that the following conditions are met:
    
        1. Redistributions of source code must retain the above copyright notice,
           this list of conditions and the following disclaimer.
        2. Redistributions in binary form must reproduce the above copyright notice,
           this list of conditions and the following disclaimer in the documentation
           and/or other materials provided with the distribution.
        3. Neither the name of SCM-Manager; nor the names of its
           contributors may be used to endorse or promote products derived from this
           software without specific prior written permission.
    
        THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
        AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
        IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
        DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
        DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
        (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
        LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
        ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
        (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
        SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    
        http://bitbucket.org/sdorra/scm-manager
    
    
    -->
    
    <!--
        Document   : logback.release.xml
        Created on : February 3, 2011, 6:36 PM
        Author     : sdorra
        Description:
            Purpose of the document follows.
    -->
    
    <configuration>
    
      <jmxConfigurator />
    
      <define name="LOGDIR" class="sonia.scm.ScmLogFilePropertyDefiner" />
    
      <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
        <file>${LOGDIR}/scm-manager.log</file>
    
        <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
          <fileNamePattern>${LOGDIR}/scm-manager-%i.log</fileNamePattern>
          <minIndex>1</minIndex>
          <maxIndex>10</maxIndex>
        </rollingPolicy>
    
        <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
          <maxFileSize>10MB</maxFileSize>
        </triggeringPolicy>
    
        <append>true</append>
        <encoder>
          <pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger - %msg%n</pattern>
        </encoder>
      </appender>
    
      <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
    
          <encoder>
              <pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %X{client_ip} %-5level %logger - %msg%n</pattern>
          </encoder>
    
      </appender>
    
      <logger name="sonia.scm" level="INFO" />
    
      <!-- suppress massive gzip logging -->
      <logger name="sonia.scm.filter.GZipFilter" level="WARN" />
      <logger name="sonia.scm.filter.GZipResponseStream" level="WARN" />
    
      <logger name="sonia.scm.util.ServiceUtil" level="WARN" />
    
      <!-- aether -->
      <!--
      <logger name="org.sonatype.aether" level="TRACE" />
      <logger name="com.ning.http.client" level="DEBUG" />
      -->
    
      <!-- svnkit -->
      <!--
      <logger name="svnkit" level="WARN" />
      <logger name="svnkit.network" level="DEBUG" />
      <logger name="svnkit.fsfs" level="WARN" />
      -->
    
      <!-- javahg -->
      <!--
      <logger name="com.aragost.javahg" level="DEBUG" />
      -->
    
      <!-- ehcache -->
      <!--
      <logger name="net.sf.ehcache" level="DEBUG" />
      -->
    
      <root level="WARN">
        <appender-ref ref="FILE" />
        <appender-ref ref="STDOUT" />
      </root>
    
    </configuration>
    
  4. Stephen Bowles reporter

    Thank you ever so much @Sebastian Sebastian

    For reference, this worked for us:

    <?xml version="1.0" encoding="UTF-8"?>
    <!--
    
        Copyright (c) 2010, Sebastian Sdorra
        All rights reserved.
    
        Redistribution and use in source and binary forms, with or without
        modification, are permitted provided that the following conditions are met:
    
        1. Redistributions of source code must retain the above copyright notice,
           this list of conditions and the following disclaimer.
        2. Redistributions in binary form must reproduce the above copyright notice,
           this list of conditions and the following disclaimer in the documentation
           and/or other materials provided with the distribution.
        3. Neither the name of SCM-Manager; nor the names of its
           contributors may be used to endorse or promote products derived from this
           software without specific prior written permission.
    
        THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
        AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
        IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
        DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
        DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
        (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
        LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
        ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
        (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
        SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    
        http://bitbucket.org/sdorra/scm-manager
    
    
    -->
    
    <!--
        Document   : logback.release.xml
        Created on : February 3, 2011, 6:36 PM
        Author     : sdorra
        Description:
            Purpose of the document follows.
    -->
    
    <configuration>
    
      <jmxConfigurator />
    
      <define name="LOGDIR" class="sonia.scm.ScmLogFilePropertyDefiner" />
    
      <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
        <file>${LOGDIR}/scm-manager.log</file>
    
        <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
          <fileNamePattern>${LOGDIR}/scm-manager-%i.log</fileNamePattern>
          <minIndex>1</minIndex>
          <maxIndex>10</maxIndex>
        </rollingPolicy>
    
        <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
          <maxFileSize>10MB</maxFileSize>
        </triggeringPolicy>
    
        <append>true</append>
        <encoder>
          <pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} - [%thread] - %X{client_ip} - %X{client_host} - %X{username} - %-5level - %logger - %msg%n</pattern>
        </encoder>
      </appender>
    
      <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
    
        <encoder>
          <pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} - [%thread] - %X{client_ip} - %X{client_host} - %X{username} - %-5level - %logger - %msg%n</pattern>
        </encoder>
    
      </appender>
    
      <logger name="sonia.scm" level="INFO" />
    
      <!-- suppress massive gzip logging -->
      <logger name="sonia.scm.filter.GZipFilter" level="WARN" />
      <logger name="sonia.scm.filter.GZipResponseStream" level="WARN" />
    
      <logger name="sonia.scm.util.ServiceUtil" level="WARN" />
    
      <!-- aether -->
      <!--
      <logger name="org.sonatype.aether" level="TRACE" />
      <logger name="com.ning.http.client" level="DEBUG" />
      -->
    
      <!-- svnkit -->
      <!--
      <logger name="svnkit" level="WARN" />
      <logger name="svnkit.network" level="DEBUG" />
      <logger name="svnkit.fsfs" level="WARN" />
      -->
    
      <!-- javahg -->
      <!--
      <logger name="com.aragost.javahg" level="DEBUG" />
      -->
    
      <!-- ehcache -->
      <!--
      <logger name="net.sf.ehcache" level="DEBUG" />
      -->
    
      <root level="WARN">
        <appender-ref ref="FILE" />
        <appender-ref ref="STDOUT" />
      </root>
    
    </configuration>
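
Added example, not part of the thread or of SCM-Manager: a parser for the line layout produced by the pattern in the working logging.xml above, counting failed-login lines per source so the host behind an account lockout can be identified. The sample lines, logger names and the `authentication failed` marker are constructed assumptions; substitute the message your installation actually writes.

```python
import re
from collections import Counter

# Layout written by the pattern in the working logging.xml:
# %d - [%thread] - %X{client_ip} - %X{client_host} - %X{username} - %-5level - %logger - %msg
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}) - \[(?P<thread>.*?)\] - "
    r"(?P<client_ip>.*?) - (?P<client_host>.*?) - (?P<username>.*?) - "
    r"(?P<level>[A-Z]+) * - (?P<logger>\S+) - (?P<msg>.*)$"
)

# Assumption: substring that marks a failed login. Replace it with the text
# your SCM-Manager version and authentication plugin actually log.
FAILURE_MARKER = "authentication failed"

# Constructed sample lines (addresses, hosts, users and loggers are made up).
SAMPLE_LOG = """\
2016-01-12 09:14:03.221 - [http-8080-3] - 10.20.30.41 - ws-041.example.local - jdoe - WARN  - example.AuthLogger - authentication failed for user jdoe
2016-01-12 09:14:04.007 - [http-8080-5] - 10.20.30.41 - ws-041.example.local - jdoe - WARN  - example.AuthLogger - authentication failed for user jdoe
2016-01-12 09:14:09.530 - [http-8080-2] - 10.20.30.77 - build-02.example.local - jdoe - INFO  - example.AuthLogger - user jdoe successfully authenticated
2016-01-12 09:15:00.000 - [main] -  -  -  - ERROR - example.Startup - authentication failed during self-test
java.lang.IllegalStateException: constructed stack-trace line
""".splitlines()


def parse_line(line):
    """Return one log line's fields as a dict, or None for non-matching lines."""
    m = LINE_RE.match(line.rstrip("\r\n"))
    return m.groupdict() if m else None


def failures_by_source(lines, marker=FAILURE_MARKER):
    """Count failed-login lines per (client_ip, client_host, username)."""
    counts = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is None or marker not in rec["msg"].lower():
            continue  # stack-trace continuation lines and unrelated messages
        # %X{key} renders as an empty string when the MDC key is not set,
        # e.g. for lines logged outside a request; keep those visible.
        key = tuple(rec[k] or "(unset)" for k in ("client_ip", "client_host", "username"))
        counts[key] += 1
    return counts


if __name__ == "__main__":
    for key, n in failures_by_source(SAMPLE_LOG).most_common():
        print(n, *key)
```

The username column is whatever the MDC held when the line was written, so treat the source address as the primary key when tracing a lockout.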
    