Hi Mark.
Thanks for the suggestion -- but I'm not getting the realm log file. That
all looks like it should work, maybe there's just a little something that
I'm missing.
-- Chris
On Thu, Nov 8, 2012 at 4:26 PM, Mark Eggers <its_toas...@yahoo.com> wrote:
> On 11/8/2012 12:29 PM, Christopher Gross wrote:
>
>> Using Tomcat 6.0.36.
>>
>> Realm: <Realm className="org.apache.**catalina.realm.LockOutRealm"
>> failureCount="3" lockOutTime="300000"> <Realm
>> className="org.apache.**catalina.realm.**UserDatabaseRealm" digest="SHA"
>> resourceName="UserDatabase" /> </Realm>
>>
>> Is there a way that I can set it up to do user login auditing, so
>> that I can see when a user logs in, or when they have a failed
>> attempt, etc? Been trying to google an answer, but I haven't been
>> finding anything useful or specific.
>>
>> Let me know if there are any other config file snippets I can provide
>> to figure out what I need to change.
>>
>> Thanks!
>>
>> -- Chris
>>
>>
> Chris,
>
> Note, I haven't tried this so I may be completely off-base. The following
> assumes that you're using the default JULI logging setup.
>
> The realm classes are logged via Tomcat's JULI logging system (unless
> you've converted to log4j). You'll need to add some logging for realms.
>
> In $CATALINA_BASE/conf, there is a file called logging.properties.
> You'll need to modify that in three places.
>
> 1. Add a new handler by appending it to the list of current handlers
>
> Call it something like: 5realm.org.apache.juli.**FileHandler
>
> So your handlers line now looks like:
>
> handlers = 1catalina.org.apache.juli.**FileHandler,
> 2localhost.org.apache.juli.**FileHandler,
> 3manager.org.apache.juli.**FileHandler,
> 4host-manager.org.apache.juli.**FileHandler,
> java.util.logging.**ConsoleHandler,5realm.org.**apache.juli.FileHandler
>
> (sorry for the line wrapping)
>
> 2. Add the logging properties for your new handler
>
> Underneath the host manager entry, add something like the following:
>
> 5realm.org.apache.juli.**FileHandler.level = FINE
> 5realm.org.apache.juli.**FileHandler.directory = ${catalina.base}/logs
> 5realm.org.apache.juli.**FileHandler.prefix = realm.
>
> This sets up a realm log file in $CATALINA_BASE/logs.
>
> 3. Now set up the properties for the specific logger
>
> In the Facilities section, add something like the following after the
> host-manager entry.
>
> org.apache.catalina.realm.**MESSAGES.level = WARN
> org.apache.catalina.realm.**MESSAGES.handlers =
> 5realm.org.apache.juli.**FileHandler
>
> (again, sorry for the line wrapping)
>
> The values on the left contain the package you want to log
> (org.apache.catalina.realm in this case), the message level
> (MESSAGES.level), and the handler (MESSAGES.handlers).
>
> The values on the right contain the actual level (WARN, since from the
> source code all login failures look like they are at the WARN level),
> and the handler you defined above (5realm.org.apache.juli.**FileHandler).
>
> Restart Tomcat and you should see login failures in realm.[date].log,
> where [date] is the date (rotated daily).
>
> More information on configuring logging can be found here:
>
> http://tomcat.apache.org/**tomcat-6.0-doc/logging.html<http://tomcat.apache.org/tomcat-6.0-doc/logging.html>
>
> Again, I've not done this for Realm logging. I've done this for Cluster
> logging and it seems to work well.
>
> . . . . just my two cents.
> /mde/
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail:
> users-unsubscribe@tomcat.**apache.org<users-unsubscr...@tomcat.apache.org>
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
