How to log all authentication?

I've had a request to be able to see all authentication attempts for JIRA: date, userid, AD server if appropriate and the result. I suspect there is a log area and level somewhere for this but didn't see it after five minutes in the source. Does anyone have the right string for this kind of information

1 answer

1 vote
Chris Fuller Atlassian Team Apr 09, 2015

Does the atlassian-jira-security.log file not have what you need?  I'm not sure it says which AD server was used when that is relevant, but it should have everything else.

What goes into that log is controlled by log4j.properties.  The relevant log messages are partially generated by seraph and partly by LoginManagerImpl.

Thanks, Chris. It does except for the AD info. I poked around the source but didn't see what log name to use to show that AD info anywhere

Chris Fuller Atlassian Team Apr 13, 2015

Anything specific to the implementation, like the fact that it's talking to AD, would be logged by embedded crowd rather than JIRA itself. Unfortunately, it looks like they don't log a whole lot of information about that. The only log line I see offhand with enough information to work out what happened is probably this debug line from SpringLDAPConnector: logger.debug("Authenticating user '{}' with DN '{}'", name, user.getDn()); (I assume you would probably be able to work backwards from the DN to the directory that owns it). Turning debug logging on for that class would be an unacceptable amount of log spam.

Yeah, saw that. I think the easiest though annoying thing to do is to change LoginManagerImpl so that the log message "The user 'mdoar' has PASSED authentication." includes the user.getDirectoryId() info as well. It seems to work in a local test instance. Actually, it seems like that info would be useful in the atlassian-jira-security.log file anyway

Suggest an answer

Log in or Sign up to answer
Atlassian Community Anniversary

Happy Anniversary, Atlassian Community!

This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.

Read more
Community showcase
Julia Dillon
Posted Tuesday in Jira

Tell us how your team runs on Jira!

Hey Atlassian Community! Today we are launching a bunch of customer stories about the amazing work teams, like Dropbox and Twilio, are doing with Jira. You can check out the stories here. The thi...

541 views 1 18
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you