1. Introduction
2. Auditing Handlers and Audit Trails
3. Configure the Built-In Handler
4. Create a Custom Audit Handler

1. Introduction

Auditing is a key security aspect of identity solutions. The JOSSO auditing module provides a systematic way of collecting information related to events and activities that can be used to ensure conformance with internal and external policies. In JOSSO we call this information audit trails. Audit trails are generated all across the platform and captured by the auditing service. The following is a high-level list of available trails:

- Sign-on
- Sign-off
- Session Timeout
- Authentication
- User handling (create, remove, update, delete)
- Role management (create, remove, update, delete)

In this tutorial we'll take a look at the built-in auditing logging configuration, and at the end we'll mention the steps required to implement your own module, including an example.

2. Auditing Handlers and Audit Trails

The Auditing Module follows the flexibility principle that shapes the entire platform, allowing users to create and provide their own extensions to the system. For the Auditing Module, you can create your own AuditHandler implementation to receive and process AuditTrails. As mentioned before, audit trails represent security events and activities; each trail instance contains the following information:

- Category: the identity appliance/provider that generated the trail; it includes the appliance realm (e.g. com.mycompany.sso.ida-1.audit.idp-1)
- Severity: the severity of the action (CRITICAL, WARNING, INFO, LOW)
- Action: the event or action recorded (e.g. SSO, SLO, SLO_TOUT)
- Outcome: the action's result (SUCCESS, FAILURE)
- Time: the action timestamp
- Principal: optional, the authenticated remote user associated with the action
- Error: optional, an error associated with the action
- Properties: an additional set of action-specific properties (e.g. remote address)

3. Configure the Built-In Handler

The default auditing handler records audit trails to one or more logs. You can configure different output logs for different Identity Appliances, or even one for each provider. The logging handler takes full advantage of the logging system, allowing configuration of filesystem-based logs, database-persisted logs, or even network service logs. The built-in handler uses the audit trail's category property as the logger name, so the category is what you configure in the logging system. In this example we assume that the Identity Appliance realm is com.mycompany.sso.ida-1.

JOSSO provides a pre-configured audit.log appender named audit that can be used when configuring auditing for your deployment. To enable auditing to the default appender, edit the file $JOSSO2_HOME/etc/org.ops4j.pax.logging.cfg.prod and add a new entry for your appliance like this (look for this section at the end of the file):

    # Add appliances that should output audit information
    # to audit log
    log4j.category.com.mycompany.sso.ida-1.audit=trace, audit

If you require different log files for different appliances/providers, define a new appender and refer to it when enabling the corresponding category. The following enables auditing for identity provider idp-1 of identity appliance ida-1 to the file audit-ida-1-idp-1.log:

    # File appender for audit-ida-1-idp-1
    log4j.appender.audit-ida-1-idp-1=org.apache.log4j.RollingFileAppender
    log4j.appender.audit-ida-1-idp-1.layout=org.apache.log4j.PatternLayout
    log4j.appender.audit-ida-1-idp-1.layout.ConversionPattern=%d{ISO8601} %-5.5p %m%n
    log4j.appender.audit-ida-1-idp-1.File=${karaf.base}/data/log/audit-ida-1-idp-1.log
    log4j.appender.audit-ida-1-idp-1.append=true
    log4j.appender.audit-ida-1-idp-1.MaxFileSize=10MB
    log4j.appender.audit-ida-1-idp-1.MaxBackupIndex=99

    # Send audit information for provider idp-1 of appliance ida-1
    # to the appender defined above (not to the default audit appender)
    log4j.category.com.mycompany.sso.ida-1.audit.idp-1=trace, audit-ida-1-idp-1

Once you're done, copy the modified file over $JOSSO2_HOME/etc/org.ops4j.pax.logging.cfg.

Log Details Options

JOSSO supports multiple logging detail options: Production, Detailed, Development. If auditing is required in those modes, update the corresponding files with the auditing options as well: $JOSSO2_HOME/etc/org.ops4j.pax.logging.cfg.debug, $JOSSO2_HOME/etc/org.ops4j.pax.logging.dev
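The category-to-appender wiring above is resolved by log4j's logger hierarchy, and a mistake there (a misspelt appender name, a file appender without a path) silently drops audit trails rather than failing loudly. Two points a practitioner should keep in mind: log4j 1.x categories are additive by default, so an event for com.mycompany.sso.ida-1.audit.idp-1 goes to its own appender and then also to the appenders of its ancestor com.mycompany.sso.ida-1.audit (the default audit.log), unless log4j.additivity.com.mycompany.sso.ida-1.audit.idp-1=false is set; and property names are matched against the appender's setters, so RollingFileAppender, PatternLayout, ConversionPattern, MaxFileSize and MaxBackupIndex must keep their case. The following is an added example, not part of the JOSSO tutorial: a small Python parser for this properties format that resolves the effective appenders of a category and lints the wiring. The sample configuration is constructed; the audit appender in it is a stand-in for JOSSO's pre-configured one, whose real definition the tutorial does not show.

```python
"""Resolve where log4j 1.x audit categories actually deliver their events.

Added example (not part of the JOSSO tutorial): a small parser for the
properties format that JOSSO's pax-logging configuration uses, answering
"which appenders receive trails for category X?" and flagging categories
that reference appenders that are never defined.
"""
import re

# Constructed sample, modelled on the tutorial's two snippets. The `audit`
# appender is a stand-in for JOSSO's pre-configured one (its real definition
# is not shown in the tutorial), and the ida-2 line is a deliberate typo.
SAMPLE_CFG = """
# stand-in for JOSSO's pre-configured default audit appender
log4j.appender.audit=org.apache.log4j.RollingFileAppender
log4j.appender.audit.File=${karaf.base}/data/log/audit.log

# File appender for audit-ida-1-idp-1
log4j.appender.audit-ida-1-idp-1=org.apache.log4j.RollingFileAppender
log4j.appender.audit-ida-1-idp-1.layout=org.apache.log4j.PatternLayout
log4j.appender.audit-ida-1-idp-1.layout.ConversionPattern=%d{ISO8601} %-5.5p %m%n
log4j.appender.audit-ida-1-idp-1.File=${karaf.base}/data/log/audit-ida-1-idp-1.log
log4j.appender.audit-ida-1-idp-1.MaxFileSize=10MB
log4j.appender.audit-ida-1-idp-1.MaxBackupIndex=99

# whole appliance to the default audit log, provider idp-1 to its own file
log4j.category.com.mycompany.sso.ida-1.audit=trace, audit
log4j.category.com.mycompany.sso.ida-1.audit.idp-1=trace, audit-ida-1-idp-1
# misspelt appender name: these trails would be lost
log4j.category.com.mycompany.sso.ida-2.audit=trace, audit-ida-2
"""


def parse_log4j(text):
    """Return (categories, appenders, additivity) from log4j 1.x properties.

    categories: logger name -> (level, [appender names]); the root logger is
    stored under the name "root". appenders: name -> {property: value}, with
    the appender class under "class". Appender names are assumed not to
    contain dots.
    """
    categories, appenders, additivity = {}, {}, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key in ("log4j.rootLogger", "log4j.rootCategory"):
            key = "log4j.category.root"
        m = re.match(r"log4j\.(?:category|logger)\.(.+)$", key)
        if m:
            level, *names = [s.strip() for s in value.split(",")]
            categories[m.group(1)] = (level, [n for n in names if n])
            continue
        m = re.match(r"log4j\.appender\.([^.]+)(?:\.(.+))?$", key)
        if m:
            appenders.setdefault(m.group(1), {})[m.group(2) or "class"] = value
            continue
        m = re.match(r"log4j\.additivity\.(.+)$", key)
        if m:
            additivity[m.group(1)] = value.lower() == "true"
    return categories, appenders, additivity


def effective_appenders(name, categories, additivity):
    """Appenders that receive an event logged to category `name`.

    Mirrors log4j's walk up the logger hierarchy: each ancestor's appenders
    are added too, until an ancestor with log4j.additivity.<name>=false (or
    the root) is reached.
    """
    result = []
    current = name
    while True:
        _level, names = categories.get(current, (None, []))
        result.extend(n for n in names if n not in result)
        if current == "root" or not additivity.get(current, True):
            break
        current = current.rpartition(".")[0] or "root"
    return result


def check_audit_wiring(text):
    """Lint the configuration for two mistakes that silently lose trails:
    a category naming an appender that is never defined, and a file appender
    without a File path."""
    categories, appenders, _additivity = parse_log4j(text)
    problems = []
    for cat, (_level, names) in categories.items():
        for n in names:
            if n not in appenders:
                problems.append(f"category {cat} references undefined appender {n}")
    for name, props in appenders.items():
        is_file = props.get("class", "").endswith("FileAppender")
        if is_file and not any(k.lower() == "file" for k in props):
            problems.append(f"file appender {name} has no File property")
    return problems


if __name__ == "__main__":
    cats, _apps, add = parse_log4j(SAMPLE_CFG)
    for cat in ("com.mycompany.sso.ida-1.audit", "com.mycompany.sso.ida-1.audit.idp-1"):
        print(cat, "->", effective_appenders(cat, cats, add))
    for problem in check_audit_wiring(SAMPLE_CFG):
        print("PROBLEM:", problem)
```

Run against the real $JOSSO2_HOME/etc/org.ops4j.pax.logging.cfg before and after an edit, the linter catches the typo'd appender name, and effective_appenders shows whether a provider's trails end up in one file or, through additivity, in two.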

4. Create a Custom Audit Handler

The easiest way to showcase how to create a custom Audit Handler is by providing an example. Once implemented, the handler must be compiled and packaged as an OSGi bundle to be deployed as a custom feature. You can download an example from GitHub: https://github.com/atricore/atricore-idbus/tree/1.4.1/examples/custom-audit-handler

Once built, the bundle can be added as a custom feature to JOSSO. Simply edit the features file $JOSSO2_HOME/features/com/atricore/josso/josso-ee-custom/2.4.1/josso-ee-custom-2.4.1-features.xml and add the new bundle:

    <?xml version="1.0" encoding="UTF-8"?>
    <features name="atricore-josso-ee-custom-2.4.2-SNAPSHOT">
        <!-- Add custom extensions here -->
        <feature name="custom" version="2.4.2-SNAPSHOT">
            <bundle>mvn:org.atricore.idbus.examples/org.atricore.idbus.examples.custom-audit-handler/2.4.1</bundle>
        </feature>
    </features>

Keep in mind that the product version 2.4.1 used in the example may need to be replaced with the corresponding product version (e.g. 2.4.2-SNAPSHOT) when looking for the custom features file.
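A custom handler receives every AuditTrail described in section 2 and decides what to do with it; the usual reasons to write one are to ship trails to a SIEM in a structured form, or to react to a pattern across trails that a single log line cannot show. The following is an added example, not JOSSO's code: JOSSO's real handler is a Java AuditHandler implementation packaged as an OSGi bundle, and its Java interface is not reproduced here. The Python below models the same contract with the tutorial's trail fields (the AuditTrail and FailureWatchHandler names and the handle method are assumptions), records each trail as a JSON object, and raises an alert when one principal accumulates repeated FAILURE outcomes inside a sliding window. The trails it is fed are constructed.

```python
"""A custom audit handler modelled in Python.

Added example, not JOSSO's code: JOSSO's real handler is a Java AuditHandler
implementation packaged as an OSGi bundle, and its interface is not
reproduced here. AuditTrail carries the fields the tutorial lists; the class
and method names (AuditTrail, FailureWatchHandler.handle) are assumptions.
"""
from collections import defaultdict, deque
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Optional
import json


@dataclass
class AuditTrail:
    category: str                     # e.g. com.mycompany.sso.ida-1.audit.idp-1
    severity: str                     # CRITICAL, WARNING, INFO, LOW
    action: str                       # e.g. SSO, SLO, SLO_TOUT
    outcome: str                      # SUCCESS or FAILURE
    time: datetime
    principal: Optional[str] = None   # authenticated remote user, if any
    error: Optional[str] = None       # error associated with the action, if any
    properties: dict = field(default_factory=dict)  # e.g. remote address


class FailureWatchHandler:
    """Receives every trail, keeps a structured record of it, and raises an
    alert when one principal accumulates `threshold` FAILURE outcomes inside
    a sliding `window` (a repeated-failure signal worth surfacing to
    operations)."""

    def __init__(self, threshold=5, window=timedelta(minutes=5)):
        self.threshold = threshold
        self.window = window
        self.records = []                     # stand-in for the real log sink
        self.alerts = []                      # (principal, time of alert)
        self._failures = defaultdict(deque)   # principal -> recent failure times

    def handle(self, trail):
        """Entry point the auditing service would call once per trail."""
        self.records.append({
            "category": trail.category,
            "severity": trail.severity,
            "action": trail.action,
            "outcome": trail.outcome,
            "time": trail.time.isoformat(),
            "principal": trail.principal,
            "error": trail.error,
            "properties": trail.properties,
        })
        if trail.outcome != "FAILURE" or not trail.principal:
            return
        recent = self._failures[trail.principal]
        recent.append(trail.time)
        # drop failures that fell out of the window
        while recent and trail.time - recent[0] > self.window:
            recent.popleft()
        if len(recent) >= self.threshold:
            self.alerts.append((trail.principal, trail.time))
            recent.clear()   # start counting afresh after alerting

    def json_lines(self):
        """Records as one JSON object per line, ready for a file or SIEM."""
        return [json.dumps(r, sort_keys=True) for r in self.records]


def sample_trails():
    """Constructed trails: alice signs on once, then bob fails five times
    over two and a half minutes."""
    cat = "com.mycompany.sso.ida-1.audit.idp-1"
    t0 = datetime(2015, 1, 1, 12, 0, 0)
    trails = [AuditTrail(cat, "INFO", "SSO", "SUCCESS", t0, principal="alice",
                         properties={"remoteAddress": "10.0.0.5"})]
    for i in range(1, 6):
        trails.append(AuditTrail(cat, "WARNING", "SSO", "FAILURE",
                                 t0 + timedelta(seconds=30 * i), principal="bob",
                                 error="Invalid credentials",
                                 properties={"remoteAddress": "10.0.0.9"}))
    return trails


def run_sample(threshold=5, window_seconds=300):
    """Feed the constructed trails through the handler and return it."""
    handler = FailureWatchHandler(threshold, timedelta(seconds=window_seconds))
    for trail in sample_trails():
        handler.handle(trail)
    return handler


if __name__ == "__main__":
    h = run_sample()
    print("\n".join(h.json_lines()))
    print("alerts:", h.alerts)
```

In the Java bundle the equivalent of handle is the method the auditing service invokes for each trail; the JSON records and the sliding window are the parts worth carrying over, since the built-in log handler gives you neither structure nor correlation across trails.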