Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-1744

Request source ip for logins in debug log of authentication pods


    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • None
    • False
    • False
    • Undefined

      1. Proposed title of this feature request

      Log source ip in oauth debug logging

      2. What is the nature and description of the request?

      When enabling debug logging for the authentication pods, messages like below are stored in the logs:


      $ oc logs oauth-openshift-7ddc657f69-m8xbn
      I0217 08:23:56.354387 1 login.go:182] Login with provider "htpasswd_myusers" succeeded for "developer1": &user.DefaultInfo{Name:"developer1", UID:"5853541a-8ab6-4cf2-8822-d93348825ecb", Groups:[]string(nil), Extra:map[string][]string(nil)} ...
      I0217 08:25:41.071003 1 login.go:177] Login with provider "htpasswd_myusers" failed for "developer1" ...
      I0217 08:26:51.765063 1 login.go:177] Login with provider "htpasswd_myusers" failed for "test2"

      Although these are certainly useful, the customer would like to also track the source ip of the original request. In cases where multiple login failures occur, they would like to be able to track where the failed requests come from. Although other logs in the oauth pod show source ip address (such as for HTTP requests), we cannot guarantee that the preceding logs with the source ip address are actually tied to the "Login with provider" messages.

      3. Why does the customer need this? (List the business requirements here)

      Security requirements


            anachand Anandnatraj Chandramohan (Inactive)
            rhn-support-stwalter Steven Walter
            0 Vote for this issue
            6 Start watching this issue