The F-TICKS format implemented by this log appender is a generalization of the eduroam F-TICKS format:

    'F-TICKS/' federationIdentifier '/' version *('#' attribute '=' value ) '#'

In SWAMID, federationIdentifier is 'SWAMID' and version is '1.0'.
The attributes exposed are:
Name | Description |
---|---|
TS | the login time stamp |
RP | the relying party entityID |
AP | the asserting party entityID (typically the IdP) |
PN | a SHA-256 hash of the local principal name and a unique key |
AM | the authentication method URN |
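
For anyone consuming these records from syslog, the following added example (not part of the original page or of the log appender's code) parses a line against the grammar above and reports which of the listed attributes are absent. The sample line is constructed: the syslog prefix, the epoch-style TS, the entityIDs and the hex-encoded PN are assumptions for illustration.

```python
import re

KNOWN_ATTRS = ("TS", "RP", "AP", "PN", "AM")  # names from the table above
HEADER = re.compile(r"F-TICKS/(?P<federation>[^/#]+)/(?P<version>[^#]+)")

# Constructed sample: the syslog prefix, epoch-style TS, entityIDs and
# hex-encoded PN are illustrative assumptions, not values from a real IdP.
SAMPLE = (
    "Jan  1 00:00:00 idp shibboleth: F-TICKS/SWAMID/1.0"
    "#TS=1700000000"
    "#RP=https://sp.example.org/shibboleth"
    "#AP=https://idp.example.org/idp/shibboleth"
    "#PN=" + "ab" * 32 +
    "#AM=urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport#"
)


def parse_fticks(line):
    """Return (federation, version, attrs) or raise ValueError."""
    start = line.find("F-TICKS/")  # skip whatever header syslog prepended
    if start < 0:
        raise ValueError("no F-TICKS record in line")
    record = line[start:].strip()
    m = HEADER.match(record)
    if not m:
        raise ValueError("malformed F-TICKS header")
    rest = record[m.end():]
    if not rest.endswith("#"):
        raise ValueError("missing terminating '#' (truncated record?)")
    attrs = {}
    body = rest[1:-1]  # '#A=1#B=2#' -> 'A=1#B=2'
    for field in body.split("#") if body else []:
        # Split on the first '=' only: values such as URLs may contain '='.
        name, sep, value = field.partition("=")
        if not name or not sep:
            raise ValueError("attribute without name or '=': %r" % field)
        if name in attrs:
            raise ValueError("duplicate attribute %s" % name)
        attrs[name] = value
    return m.group("federation"), m.group("version"), attrs


def missing_attrs(attrs):
    """Attributes from the table that a record does not carry."""
    return [name for name in KNOWN_ATTRS if name not in attrs]
```

The grammar defines no escaping, so a value that itself contains '#' is split at that point; the parser raises if the resulting fragment has no '='.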
Configuration is done in idp.properties:
Use the following command to generate a salt:

    openssl rand -base64 36 2>/dev/null

Do not lose this salt once you've started to generate logs. If the salt is lost or reset, all local principal names will appear to analysis tools to have changed, so avoid this!

Add the following options to idp.properties:

    idp.fticks.federation=SWAMID
    idp.fticks.algorithm=SHA-256
    idp.fticks.salt=<salt>
    idp.fticks.loghost=syslog.swamid.se