Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-10394

Audit logging enhancement: log origin of auth attempts

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Done
    • Major
    • fuse-7.5-ER1
    • fuse-7.2
    • Karaf
    • None
    • Fuse 7.5 Sprint 52 - Bug fix, Fuse 7.5 Sprint 53 - Blockers, Fuse 7.5 Sprint 54 - Interim

    Description

      To meet STIG guidance V-57483, the application should log both the auth attempt and the origin of the authentication attempt.

      Also, there's a MAX_CONCURRENT_SESSIONS in sshd that could help ensure only one active session at a time, or log something if multiple sessions from multiple workstations are active at the same time. For instance, add something like the following to the ssh activator:

      server.getProperties().put(SshServer.MAX_CONCURRENT_SESSIONS, Integer.toString(maxConcurrentSessions));

      Attachments

        Activity

          People

            rhn-support-shiggs Stephen Higgs
            rhn-support-shiggs Stephen Higgs
            Vratislav Hais Vratislav Hais (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: