Date: Fri, 29 Mar 2024 12:28:05 +0000 (GMT) Message-ID: <1665232596.3394.1711715285278@a2be6a7a0dbc> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_3393_1603581785.1711715285278" ------=_Part_3393_1603581785.1711715285278 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
The F-TICKS format implemented by this log appender is a generalization = of the eduroam F-TICKS format:
'F-TICK= S/' federationIdentifier '/' version *('#' attribute '=3D' value ) '#'
In SWAMID federationIdentifier
is 'SWAMID' and versio=
n
is '1.0'.
The attributes exposed are:
Name |
Description |
---|---|
TS |
the login time stamp |
RP |
the relying party entityID |
AP |
the asserting party entityID (typcially the I= dP) |
PN |
a sha256-hash of the local principal name and= a unique key |
AM |
the authentication method URN |
Configuration is done in idp.properties:
Use the following command to generate a salt
openssl= rand -base64 36 2>/dev/null
Do not lose this salt once you've started to generate logs. If this salt= is lost or reset then all local principal names will appear to have change= d to analysis tools so avoid this!
Add the following options to idp.properties
idp.fti= cks.federation=3DSWAMID idp.fticks.algorithm=3DSHA-256 idp.fticks.salt=3D<salt> idp.fticks.loghost=3Dsyslog.swamid.se