Tomcat 6.0.18 log of SAF logins

Issues and Questions related to running Apache Tomcat on z/OS
Post Reply
wrzawo
Posts: 3
Joined: Wed May 06, 2009 3:43 am
Location: Vienna

Tomcat 6.0.18 log of SAF logins

Post by wrzawo »

Hi,

we just enabled SAF security on Tomcat 6.0 and it works fine so far.

Is there a way to log SAF logins in a kind of journal dataset or STDOUT/STDERR?

Our environment: z/OS 1.10
JZOS 2.0.0
Tomcat 6.0.18
Java 1.5

Tomcat is our application server for iStrobe from Compuware.

Regards
Wolfgang Amon
Top
dovetail
Site Admin
Posts: 2022
Joined: Thu Jul 29, 2004 12:12 pm

Post by dovetail »

The best way would be to enable auditing in your SAF security package, but I don't know if that is possible.

Otherwise, the SafRealm java code would have to be changed to do this, since it currently does not log the information.

You could create a subclass of com.dovetail.zos.tomcat.SafRealm and override the authenticate(String, String) method to have something like this:

Code: Select all

public Principal authenticate(String username, String credentials) {
   Principal principal = super.authenticate(username, credentials);
   if (principal != null) {
      System.println("SAF user: " + principal.getName() + " logged in");
   }
   return principal;
}
Top
wrzawo
Posts: 3
Joined: Wed May 06, 2009 3:43 am
Location: Vienna

Post by wrzawo »

Thank you for the quick response.
The security package (ACF2 from CA) has an auditing feature, but i hoped to find this information in a log file within Tomcat. Maybe a future release of SafRealm can provide that ...
Regards
Top
Post Reply

Return to “Tomcat”