...

| Field Name | Description |
| --- | --- |
| Session ID | Unique identifier generated for the single sign-on session when it is created. |
| Authentication ID | Identifier generated by SSO for an authentication within the single sign-on session. |
| Authentication Method | Name of the used authentication method. |
| Ubisecure User ID | Unique identifier for the user. For users that are registered in an LDAP directory, this is their LDAP name. For users that are registered in an SQL Directory, this is formed from their uniqueid and the LDAP name of the authentication method. For other users, this is formed from the Authentication Method User ID and the LDAP name of the authentication method. |
| Authentication Method User ID | The value depends on the authentication method used. Password: login name. SAML: value of the NameID attribute of the Assertion element. OIDC: value of the ID Token claim specified by the usernameClaim conf string (sub by default). |
| Authentication Request Origin | The LDAP name of the client application which initiated the authentication process. |
| 3rd Party Authentication ID | Identifier of the authentication event, which can be specified by the 3rd party identity provider. If the 3rd party identity provider doesn't specify an identifier, then SSO generates a random string and uses it as the value instead. Some authentication methods which set the Authenticator ID: for the SAML method it's the value of the ID attribute of the Assertion element; for the Authentication Provider (i.e. Ubilogin Agent V0) method it's the value of the sessionid response parameter. |
| User Agent | Value of User-Agent HTTP request header. |

...

| Field Name | Description |
| --- | --- |
| Session ID | Unique identifier generated for the single sign-on session when it is created. |
| Authentication Method | Name of the used authentication method. |
| Authentication Method User ID | The value depends on the authentication method used. Password: login name. SAML: value of the NameID attribute of the Assertion element. OIDC: ID Token's sub attribute. |
| Authentication Request Origin | The LDAP name of the client application which initiated the authentication process. |
| Reason for Failure | Reason for login failure. |
| User Agent | Value of User-Agent HTTP request header. |

...

| Field Name | Description |
| --- | --- |
| Session ID | Unique identifier generated for the single sign-on session when it is created. |
| Authentication Method | Name of the used authentication method. |
| 3rd Party Authentication ID | Identifier of the authentication event, which can be specified by the 3rd party identity provider. If the 3rd party identity provider doesn't specify an identifier, then SSO generates a random string and uses it as the value instead. Some authentication methods which set the Authenticator ID: for the SAML method it's the value of the ID attribute of the Assertion element; for the Authentication Provider (i.e. Ubilogin Agent V0) method it's the value of the sessionid response parameter. |
| Attributes | Attributes configured to be shown in Audit Log. See more at: Logging attributes to audit log |
| User Agent | Value of User-Agent HTTP request header. |

...

```text
"2020-05-27 13:29:46,547","0:0:0:0:0:0:0:1","consent rejected","_11a098a6b573f8eb8e57a0bdd04ac784a9337b4c","73b678dd2c736959","cn=client1,ou=OIDC-testing,ou=System,cn=Ubilogin,dc=test","name","","cn=Administrator,ou=System,cn=Ubilogin,dc=test","","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36"
```
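Every value in an audit record is quoted, and the timestamp, the LDAP names and the User-Agent all contain commas, so a log consumer has to honour the quoting instead of splitting on commas. The following is an added example, not part of the Ubisecure documentation, that parses the sample record above. Reading the second value as the client address, the third as the event name and the last as the User-Agent is an assumption taken from the sample, and the function names are hypothetical.

```python
import csv
import ipaddress
from datetime import datetime

# Sample record copied from the page (a single physical line in the log).
SAMPLE = (
    '"2020-05-27 13:29:46,547","0:0:0:0:0:0:0:1","consent rejected",'
    '"_11a098a6b573f8eb8e57a0bdd04ac784a9337b4c","73b678dd2c736959",'
    '"cn=client1,ou=OIDC-testing,ou=System,cn=Ubilogin,dc=test","name","",'
    '"cn=Administrator,ou=System,cn=Ubilogin,dc=test","",'
    '"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 '
    '(KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36"'
)


def naive_split_count(line):
    """Number of pieces produced by splitting on every comma (wrong)."""
    return len(line.split(","))


def parse_audit_line(line):
    """Parse one audit record into typed values, honouring CSV quoting."""
    row = next(csv.reader([line.rstrip("\r\n")]))
    if len(row) < 4:
        raise ValueError("expected timestamp, address, event and User-Agent")
    return {
        # Matches the %d{'yyyy-MM-dd HH:mm:ss,SSS'} audit log pattern.
        "timestamp": datetime.strptime(row[0], "%Y-%m-%d %H:%M:%S,%f"),
        # Assumption: second value is the client address; normalising it
        # makes "0:0:0:0:0:0:0:1" and "::1" compare equal in later queries.
        "address": ipaddress.ip_address(row[1]),
        # Assumption: third value is the event name.
        "event": row[2],
        # Event-specific values; their meaning depends on the event type.
        "details": row[3:-1],
        # Assumption: last value is the User-Agent header.
        "user_agent": row[-1],
    }


if __name__ == "__main__":
    record = parse_audit_line(SAMPLE)
    print(record["timestamp"], record["address"], record["event"])
    print("fields:", 4 + len(record["details"]),
          "naive split:", naive_split_count(SAMPLE))
```

The User-Agent value comes from the client's request header, so downstream tooling should treat it as untrusted text.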

Configuring via logback.xml file (SSO 9.x and newer)

The logback.xml file is located in the Ubilogin customization directory (ubilogin-sso/ubilogin/custom/logging/logback.xml) and contains the configuration of all SSO logging. Learn about Logback configuration file syntax.

The audit log is enabled by default in the turboFilter <DefaultLevels> configuration, where its level is set to INFO:

```xml
<configuration>
    <turboFilter class="com.ubisecure.common.logging.MarkerBasedLogFilter">
        <DefaultLevels>audit=info;tech=info;diag.*=info</DefaultLevels>
    </turboFilter>
...
</configuration>
```

By default, the pattern and appender for this logger are configured as follows:

```xml
<configuration>
...
    <property name="AUDIT_FILE_LOG_PATTERN"
              value="&quot;%d{'yyyy-MM-dd HH:mm:ss,SSS'}&quot;,%msg%n" />
...
    <appender name="AUDIT_FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
        <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
...
        </filter>
        <encoder>
            <pattern>${AUDIT_FILE_LOG_PATTERN}</pattern>
        </encoder>
        <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
            <fileNamePattern>${UAS_LOG_FILE}_audit.%d{yyyy-MM-dd}.log</fileNamePattern>
...
        </rollingPolicy>
    </appender>

...
</configuration>
```

...