Log format

The F-TICKS format implemented by this log appender is a generalization of the eduroam F-TICKS format:

'F-TICKS/' federationIdentifier '/' version *('#' attribute '=' value ) '#'

In SWAMID federationIdentifier is 'SWAMID' and version is '1.0'.

The attributes exposed are:

Name

Description

TS

the login time stamp

RP

the relying party entityID

AP

the asserting party entityID (typcially the IdP)

PN

a sha256-hash of the local principal name and a unique key

AM

the authentication method URN



The instruction is know to work for Shibboleth Identity Provider version 3.1 or later.

Configuration

Configuration is done in idp.properties:

Salt

Use the following command to generate a salt

openssl rand -base64 36 2>/dev/null


Do not lose this salt once you've started to generate logs. If this salt is lost or reset then all local principal names will appear to have changed to analysis tools so avoid this!


Enable the logging

Add the following options to idp.properties

idp.fticks.federation=SWAMID
idp.fticks.algorithm=SHA-256
idp.fticks.salt=<salt>
idp.fticks.loghost=syslog.swamid.se