<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hi all,<br>
<br>
New subscriber &amp; user. I'm trying to configure logback as it's
used in the Shibboleth application
(<a class="moz-txt-link-freetext" href="http://shibboleth.internet2.edu/">http://shibboleth.internet2.edu/</a>, <a class="moz-txt-link-freetext" href="http://wiki.shibboleth.net/">http://wiki.shibboleth.net/</a>). I'm
working with version 2.3.6 of their SAML Identity Provider (IdP),
which uses version 1.0.0 of logback.<br>
<br>
Question: How do I configure SyslogAppender to omit stack traces?<br>
<br>
I'm attempting to configure the system to send certain messages to
syslog for a security audit trail (things like authentication
success/failure). I've located the correct logger, and I've
successfully configured a SyslogAppender to send the events to
syslog, but I'm getting an odd bit of a stack trace in the syslog,
even though I think I shouldn't.<br>
<br>
I think my problem is similar/related to
Ingebrigt Berg's issue
<a
href="http://mailman.qos.ch/pipermail/logback-user/2012-March/003054.html">http://mailman.qos.ch/pipermail/logback-user/2012-March/003054.html</a><br>
<br>
When the line gets logged to syslog, I see the first line correctly,
but that line is followed by a stack trace, except that the
beginning of the stack trace is replaced with the string "#011".
What I want is no stack trace at all, which I ought to be able to
get with %nopex, except that doesn't seem to work. When I dig into
the code a bit, I see that the SyslogAppender already defines a
prefixPattern which has %nopex in it, so I may be missing something
here.<br>
<br>
Relevant bits of my logging.xml:<br>
&lt;appender name="IDP_SYSLOG" class="ch.qos.logback.classic.net.SyslogAppender"&gt;<br>
&lt;SyslogHost&gt;localhost&lt;/SyslogHost&gt;<br>
&lt;Port&gt;514&lt;/Port&gt;<br>
&lt;Facility&gt;AUTH&lt;/Facility&gt;<br>
&lt;SuffixPattern&gt; [%logger:%level] %msg %mdc{idpSessionId} from %mdc{clientIP}%nopex&lt;/SuffixPattern&gt;<br>
&lt;/appender&gt;<br>
&lt;logger name="edu.internet2.middleware.shibboleth.idp.authn" level="DEBUG"&gt;<br>
&lt;appender-ref ref="IDP_SYSLOG"/&gt;<br>
&lt;/logger&gt;<br>
<br>
<br>
The syslog output looks like:<br>
Apr 19 10:58:24 idp1
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:
DEBUG] Processing incoming request from 192.168.56.1<br>
Apr 19 10:58:24 idp1
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:
DEBUG] Beginning user authentication process. from 192.168.56.1<br>
Apr 19 10:58:24 idp1
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:
DEBUG] Filtering configured LoginHandlers:
{urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession=edu.internet2.middleware.shibboleth.idp.authn.provider.PreviousSessionLoginHandler@7b8be7,
urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport=edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginHandler@11e1813}
from 192.168.56.1<br>
Apr 19 10:58:24 idp1
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:
DEBUG] Filtering out previous session login handler because there
is no existing IdP session from 192.168.56.1<br>
Apr 19 10:58:24 idp1
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:
DEBUG] Selecting appropriate login handler from filtered set
{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport=edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginHandler@11e1813}
from 192.168.56.1<br>
Apr 19 10:58:24 idp1
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:
DEBUG] Authenticating user with login handler of type
edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginHandler
from 192.168.56.1<br>
Apr 19 10:58:24 idp1
[edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginHandler:
DEBUG] Redirecting to <a class="moz-txt-link-freetext" href="https://idp1:443/idp/Authn/UserPassword">https://idp1:443/idp/Authn/UserPassword</a> from
192.168.56.1<br>
Apr 19 10:58:24 idp1
[edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet:
DEBUG] Redirecting to login page /login.jsp from 192.168.56.1<br>
Apr 19 10:58:53 idp1
[edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet:
DEBUG] Attempting to authenticate user donf from 192.168.56.1<br>
Apr 19 10:58:55 idp1
[edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet:
DEBUG] User authentication for donf failed from 192.168.56.1<br>
Apr 19 10:58:55 idp1 #011at
edu.vt.middleware.ldap.jaas.LdapLoginModule.login(LdapLoginModule.java:138)<br>
Apr 19 10:58:55 idp1 #011at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)<br>
Apr 19 10:58:55 idp1 #011at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)<br>
Apr 19 10:58:55 idp1 #011at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)<br>
Apr 19 10:58:55 idp1 #011at
java.lang.reflect.Method.invoke(Method.java:616)<br>
Apr 19 10:58:55 idp1 #011at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)<br>
Apr 19 10:58:55 idp1 #011at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)<br>
[...]<br>
<br>
The lines through "user authentication for donf failed" are
expected. The rest are not. I can do the same thing with a
RollingFileAppender and it works correctly. Am I missing something?<br>
<br>
<br>
<div class="moz-signature">
<div id="signature-separator" style="line-height:5px; color:
#888;">-- </div>
<div id="sig" style="margin: 6px 0; padding: 8px; border-top: 1px
#000 dashed; font: 12px/15px Tahoma, Geneva, sans-serif;
color:#be0f34;">Don Faulkner, CISSP | <a href="http://its.uark.edu/">IT
Security</a> at the <a href="http://www.uark.edu/">University
of Arkansas</a>
</div>
</div>
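<br>
Added example, not part of the original message and not Shibboleth or logback code: Python that reads syslog lines in the shape quoted above, separates audit events from leaked stack-trace frames (the lines where the syslog daemon has escaped the leading TAB as "#011"), and counts failed logins per user and client IP. The sample lines are constructed from the output in the message; the function names are assumptions of this example.<br>

```python
import re
from collections import Counter

# Constructed sample, copied in shape from the syslog output quoted in the message.
SAMPLE = """\
Apr 19 10:58:53 idp1 [edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet:DEBUG] Attempting to authenticate user donf from 192.168.56.1
Apr 19 10:58:55 idp1 [edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet:DEBUG] User authentication for donf failed from 192.168.56.1
Apr 19 10:58:55 idp1 #011at edu.vt.middleware.ldap.jaas.LdapLoginModule.login(LdapLoginModule.java:138)
Apr 19 10:58:55 idp1 #011at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
"""

# "Mon DD HH:MM:SS host rest" as written by the local syslog daemon.
HEADER = re.compile(r"^(\w{3}\s+\d+\s[\d:]{8})\s(\S+)\s(.*)$")
# SuffixPattern from the message:
#   [%logger:%level] %msg %mdc{idpSessionId} from %mdc{clientIP}
# The session id may be empty, so only the trailing client IP is extracted.
EVENT = re.compile(r"^\[([\w.$]+):\s*(\w+)\]\s(.*?)\sfrom\s(\S*)$")
FAILED = re.compile(r"User authentication for (\S+) failed")


def split_audit_trail(text):
    """Return (events, trace_lines): parsed events and leaked stack frames."""
    events, trace_lines = [], []
    for line in text.splitlines():
        head = HEADER.match(line)
        if head is None:
            continue
        when, host, rest = head.groups()
        if rest.startswith("#011"):  # escaped TAB: a stack frame, not an event
            trace_lines.append(rest[4:])
            continue
        event = EVENT.match(rest)
        if event:
            logger, level, msg, client_ip = event.groups()
            events.append({"when": when, "host": host, "logger": logger,
                           "level": level, "msg": msg.strip(),
                           "client_ip": client_ip})
    return events, trace_lines


def failed_logins(events):
    """Count failed authentications per (user, client IP)."""
    hits = Counter()
    for ev in events:
        m = FAILED.search(ev["msg"])
        if m:
            hits[(m.group(1), ev["client_ip"])] += 1
    return hits
```

A non-empty trace_lines result shows that stack frames are still reaching the audit facility, which is the symptom described in the message.<br>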
</body>
</html>