Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-557

Support traceability of autehtication request to enable intrustion detection and forensics -> add requesting IP to authenticatePrincipal and add analyzable logs

    • Icon: Suggestion Suggestion
    • Resolution: Tracked Elsewhere
    • None
    • Plugins, SOAP
    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      What we would like to do is to monitor access patterns to our extranet to spot intrusions, intrusion attempts. So far we are goind this by analyzing the logs of our central inbound proxy server and correlating users, source IP domains and other information.
      With CROWD we gained a central authetication point that records all authentication requests which is great.

      However there are a few things that could be improved:

      • It would be nice if CROWD could write a simple audit trail that just records: username, requesting IP (the IP of the applications user, not the application), application and possibly requested information. Preferably in a format a la common log format so that it can be easily processed.
      • We can extract this from the current logs (it is a little bit more complicated, but for this god gave us Perl). However what CROWD does not log is the IP of the reuqesting user. Looking at the SOAP API, this information is never given to CROWD. So I suggest to extend the API. This would also allow (possible) CROWD plugins that can enforce IP ranges.

            [CWD-557] Support traceability of autehtication request to enable intrustion detection and forensics -> add requesting IP to authenticatePrincipal and add analyzable logs

            Katherine Yabut made changes -
            Workflow Original: JAC Suggestion Workflow [ 3363111 ] New: JAC Suggestion Workflow 3 [ 3625968 ]
            Status Original: RESOLVED [ 5 ] New: Closed [ 6 ]
            Monique Khairuliana (Inactive) made changes -
            Workflow Original: Simplified Crowd Development Workflow v2 [ 1393610 ] New: JAC Suggestion Workflow [ 3363111 ]
            Issue Type Original: New Feature [ 2 ] New: Suggestion [ 10000 ]
            Status Original: Closed [ 6 ] New: Resolved [ 5 ]
            Lukasz Pater made changes -
            Resolution New: Tracked Elsewhere [ 15 ]
            Status Original: Open [ 1 ] New: Closed [ 6 ]
            Lukasz Pater made changes -
            Link New: This issue duplicates CWD-4353 [ CWD-4353 ]
            Owen made changes -
            Workflow Original: Crowd Development Workflow v2 [ 272005 ] New: Simplified Crowd Development Workflow v2 [ 1393610 ]
            Caspar Krieger (Inactive) made changes -
            Link New: This issue is related to CWD-2557 [ CWD-2557 ]
            Helen Hung (Inactive) made changes -
            Link New: This issue duplicates CWD-538 [ CWD-538 ]
            joe made changes -
            Assignee Original: Justen Stepka [Atlassian] [ justen.stepka@atlassian.com ]
            joe made changes -
            Remaining Estimate New: 24h [ 86400 ]
            Original Estimate New: 24h [ 86400 ]
            shihab made changes -
            Labels New: bug-fix

              Unassigned Unassigned
              150ccb5cf9f8 kgbvax
              Votes:
              12 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved:

                  Estimated:
                  Original Estimate - 24h
                  24h
                  Remaining:
                  Remaining Estimate - 24h
                  24h
                  Logged:
                  Time Spent - Not Specified
                  Not Specified