Not capturing user IP when performing logout operation in admin portal

Question

Not capturing user IP when performing logout operation in admin portal

niranRameshPeiris opened this issue 3 years ago · 2 comments

Description:

There is a requirement to log client IP for admin-related activities in audit logs in APIM-4.0.0. The configurations required to achieve this are as below.

[audit.log.contextual_param]
params = ["remote_address"][catalina.valves.valve.properties]
className = "org.apache.catalina.valves.RemoteIpValve"
remoteIpHeader="X-Forwarded-For"
protocolHeader="X-Forwarded-Proto"
proxiesHeader="X-Forwarded-By"

But for the log-out operation, we could not capture the IP address of the user.

Login Action
TID: [-1234] [2022-04-01 11:48:36,878] INFO {AUDIT_LOG} - Initiator : admin | Action : Login | Target : ApplicationAuthenticationFramework | Data : { "ContextIdentifier" : "e0328f0e-1ec7-40fa-81c1-405908a1299e","AuthenticatedUser" : "admin","AuthenticatedUserTenantDomain" : "carbon.super","ServiceProviderName" : "apim_admin_portal","RequestType" : "oidc","RelyingParty" : "iRb8PwPJTsZ7WQ1DuOFXwrS9cYca","AuthenticatedIdPs" : "eyJ0eXAiOiJKV1QiLCAiYWxnIjoiSFMyNTYifQ==.eyJpc3MiOiJ3c28yIiwiZXhwIjoxNjQ4NzkzOTE2ODcyMzAwMCwiaWF0IjoxNjQ4NzkzOTE2ODcyLCJpZHBzIjpbeyJpZHAiOiJMT0NBTCIsImF1dGhlbnRpY2F0b3IiOiJCYXNpY0F1dGhlbnRpY2F0b3IifV19.pU6uR2MO9sEyKQsw3Qj2IHMCNCQ=","User Agent" : "null","RemoteAddress" : "127.0.0.1","UserStoreDomain" : "PRIMARY" } | Result : Success
Logout Action
TID: [-1234] [2022-04-01 11:49:26,261] INFO {AUDIT_LOG} - Initiator : admin | Action : Logout | Target : null | Data : { "ContextIdentifier" : "56c14984-7a91-4ff5-a07c-bb611897e505","LoggedOutUser" : "admin","LoggedOutUserTenantDomain" : "carbon.super","ServiceProviderName" : "apim_admin_portal","RequestType" : "oidc","RelyingParty" : "iRb8PwPJTsZ7WQ1DuOFXwrS9cYca","AuthenticatedIdPs" : "eyJ0eXAiOiJKV1QiLCAiYWxnIjoiSFMyNTYifQ==.eyJpc3MiOiJ3c28yIiwiZXhwIjoxNjQ4NzkzOTE2ODcyMzAwMCwiaWF0IjoxNjQ4NzkzOTE2ODcyLCJpZHBzIjpbeyJpZHAiOiJMT0NBTCIsImF1dGhlbnRpY2F0b3IiOiJCYXNpY0F1dGhlbnRpY2F0b3IifV19.pU6uR2MO9sEyKQsw3Qj2IHMCNCQ=" } | Result : Success

As you can see the RemoteAddress is not there in the logs for logout action.

Affected Product Version:

APIM-4.0.0

Answer 1 · 2022-09-05T05:41:21.000Z

Since the PRs are merged, @RakhithaRR can you check and close this please

Answer 2 · 2022-09-05T08:58:04.000Z

Closing this as the fixes are added to both master and 5.3.x branches.