Transaction log for HS.
authornlevitt <nlevitt@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 27 Jan 2004 21:38:37 +0000 (21:38 +0000)
committernlevitt <nlevitt@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 27 Jan 2004 21:38:37 +0000 (21:38 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@860 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/conf/log4j.properties
src/edu/internet2/middleware/shibboleth/hs/HandleServlet.java

index 11d90a2..6cb02d6 100755 (executable)
@@ -15,6 +15,15 @@ log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
 log4j.appender.stdout.layout.ConversionPattern=%-5p %-41X{serviceId} %d{ISO8601} - %m%n
 
 
+# Security transactions can be logged to a separate log as well
+
+# log4j.logger.edu.internet2.middleware.shibboleth.TRANSACTION=INFO, transaction
+log4j.logger.edu.internet2.middleware.shibboleth.TRANSACTION=OFF
+log4j.appender.transaction=org.apache.log4j.RollingFileAppender
+log4j.appender.transaction.File=/tmp/shibboleth-origin.log
+log4j.appender.transaction.layout=org.apache.log4j.PatternLayout
+log4j.appender.transaction.layout.ConversionPattern=%d{ISO8601} %m%n
+
 # The following block represents an example of how to enable very verbose logging.
 
 #log4j.rootCategory=DEBUG, stdout
@@ -39,4 +48,4 @@ log4j.appender.stdout.layout.ConversionPattern=%-5p %-41X{serviceId} %d{ISO8601}
 
 # Uncomment the following line to enable verbose debugging output concerning log4j initialization.
 
-#log4j.debug=TRUE
\ No newline at end of file
+#log4j.debug=TRUE
index 190d704..0ac1284 100644 (file)
@@ -62,6 +62,7 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.apache.log4j.Logger;
 import org.apache.log4j.MDC;
+import org.apache.log4j.Level;
 import org.apache.xerces.parsers.DOMParser;
 import org.doomdark.uuid.UUIDGenerator;
 import org.opensaml.QName;
@@ -93,6 +94,8 @@ import edu.internet2.middleware.shibboleth.common.ShibbolethOriginConfig;
 public class HandleServlet extends HttpServlet {
 
        private static Logger log = Logger.getLogger(HandleServlet.class.getName());
+       private static Logger transactionLog = Logger.getLogger("edu.internet2.middleware.shibboleth.TRANSACTION");
+
        private Semaphore throttle;
        private ShibbolethOriginConfig configuration;
        private Credentials credentials;
@@ -229,6 +232,7 @@ public class HandleServlet extends HttpServlet {
        public void init() throws ServletException {
                super.init();
                MDC.put("serviceId", "[HS] Core");
+               transactionLog.setLevel((Level) Level.INFO);
                try {
                        log.info("Initializing Handle Service.");
 
@@ -299,6 +303,20 @@ public class HandleServlet extends HttpServlet {
 
                        createForm(req, res, buf);
 
+                        transactionLog.info("Authentication assertion issued to SHIRE ("
+                                        + req.getParameter("shire")
+                                        + ") providerId ("
+                                        + req.getParameter("providerId")
+                                        + ") on behalf of principal ("
+                                        + username
+                                        + ") for resource ("
+                                        + req.getParameter("target")
+                                        + "). Name Identifier: ("
+                                        + nameId.getName()
+                                        + "). Name Identifier Format: ("
+                                        + nameId.getFormat()
+                                        + ").");
+
                } catch (NameIdentifierMappingException ex) {
                        log.error(ex);
                        handleError(req, res, ex);