Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-10394

Audit logging enhancement: log origin of auth attempts

XMLWordPrintable

    • Icon: Feature Feature
    • Resolution: Done
    • Icon: Major Major
    • fuse-7.5-ER1
    • fuse-7.2
    • Karaf
    • Todo
    • Fuse 7.5 Sprint 52 - Bug fix, Fuse 7.5 Sprint 53 - Blockers, Fuse 7.5 Sprint 54 - Interim

      To meet STIG guidance V-57483, the application should log both the auth attempt and the origin of the authentication attempt.

      Also, there's a MAX_CONCURRENT_SESSIONS in sshd that could help ensure only one active session at a time, or log something if multiple sessions from multiple workstations are active at the same time. For instance, add something like the following to the ssh activator:

      server.getProperties().put(SshServer.MAX_CONCURRENT_SESSIONS, Integer.toString(maxConcurrentSessions));
      

              rhn-support-shiggs Stephen Higgs
              rhn-support-shiggs Stephen Higgs
              Vratislav Hais Vratislav Hais (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: