Customizing gluu Server logs

By: shikha Mishra user 02 Aug 2017 at 2:51 a.m. CDT

12 Responses
shikha Mishra gravatar
Hi, I need to add user profile attribute and IP address in the log (oxauth.log and idp-process.log). Please provide steps.
CentOS65
closed

Answers

By Mohib Zico Account Admin 02 Aug 2017 at 3:56 a.m. CDT

Copy
Mohib Zico gravatar
>> I need to add user profile attribute Not clear. Can you describe?

By shikha Mishra user 02 Aug 2017 at 4:11 a.m. CDT

Copy
shikha Mishra gravatar
Hi Mohib, We need Oraganization value along with username in the log file.

By Mohib Zico Account Admin 02 Aug 2017 at 4:16 a.m. CDT

Copy
Mohib Zico gravatar
'Organization value' is not clear. You can grab username from various places like: idp-process.log and/or oxauth.log

By shikha Mishra user 02 Aug 2017 at 4:26 a.m. CDT

Copy
shikha Mishra gravatar
Organiganization (O) is attribute Origin is gluuperson , We are using this attribute to store Organization value.

By Mohib Zico Account Admin 02 Aug 2017 at 4:42 a.m. CDT

Copy
Mohib Zico gravatar
If you release those attribute in any Trust relationship, you can grab that as well from idp-process.log. IP is there as well.

By shikha Mishra user 02 Aug 2017 at 5:24 a.m. CDT

Copy
shikha Mishra gravatar
Hi, I have released attribute 'preferredLanguage' in trust relationship but this value is not present in the idp-process.log ``` 2017-08-02 10:23:11,838 - INFO [Shibboleth-Audit.SSO:241] - 20170802T102311Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|SNCd4e1d3e0c0c080229db74d7ca63272d1|https://dev17869.service-now.com/|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://verizon.simeio.net/idp/shibboleth|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_b175c5ccca937568408567feb28dd6b7|test@test.com|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|uid,preferredLanguage,mail|test@test.com|_c9ba8f108b7ae706a91b9ce2f81286cd| ```

By shikha Mishra user 03 Aug 2017 at 3:07 a.m. CDT

Copy
shikha Mishra gravatar
Can you please help to resolve this issue.

By Mohib Zico Account Admin 03 Aug 2017 at 3:45 a.m. CDT

Copy
Mohib Zico gravatar
>> but this value is not present in the idp-process.log Seems like it is according to your log.

By Mohib Zico Account Admin 03 Aug 2017 at 3:50 a.m. CDT

Copy
Mohib Zico gravatar
Actually, attribute is present but value is not. Please check if these attributes are created for your test user or not. And I think you should create a new ticket because it's not related to your actual query 'customizing gluu server log'.

By shikha Mishra user 03 Aug 2017 at 4:05 a.m. CDT

Copy
shikha Mishra gravatar
This is related to actual query. As this is still not clear if we can get attribute(preferredLanguage/Oraganization) values in the gluu server log file. Attributes are created for testuser. I am able to get these values in saml assertions. I am facing issue with log file. As these values are not present in the idp-process.log. Is there any additional configuration/customization required to get attribute values in the log file?

By Mohib Zico Account Admin 03 Aug 2017 at 4:24 a.m. CDT

Copy
Mohib Zico gravatar
>> I am able to get these values in saml assertions If you see this in saml assertion, that means.. it's releasing from IDP. To get the 'list of attributes with values', you need to make idp-process.log in DEBUG mode. Please check shibboleth documentation how to do that for shib server. >> Is there any additional configuration/customization required to get attribute values in the log file? No. SAML related log is just this.

By shikha Mishra user 03 Aug 2017 at 4:25 a.m. CDT

Copy
shikha Mishra gravatar
I enabled the log in logback.xml `<variable name="idp.loglevel.idp" value="DEBUG" /> And was able to get the attribute values. `

Post an answer