aspose file tools*
The moose likes JForum and the fly likes Urgently needed new feature: Log IP addresses when someone logs in Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Products » JForum
Bookmark "Urgently needed new feature: Log IP addresses when someone logs in" Watch "Urgently needed new feature: Log IP addresses when someone logs in" New topic
Author

Urgently needed new feature: Log IP addresses when someone logs in

Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
There should be another table which logs login activity. When someone logs in, it should capture:

1. User IP address
2. Browser user-agent
3. Was the login successful or not?

This is basic basic stuff that should be there. Without this information there is little or no control over who is doing what on the system. You can see IP addresses in the server logs but those don't tell you anything about who is on the system or doing what.

If I could get into the code and figure out where to put a hook like this, I would add this feature myself.

[originally posted on jforum.net by CaliforniaCCW]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
The best place to do this would be in the net.jforum.view.forum.UserActions class. In particular the the validateLogin() and logout() methods.

But these may not get called if you are using an SSO method or authenticating via cookie.

A quick way to do this would be to just use the logger object that's already there. E.g.:

logger.info("Security: user: X IP:y ....);

Another way I've done this in the past is to have a simple SecurityLog class with static logging methods. The advantage to this is that the log4j / commons.logging mechanisms let you direct specific class logging to different files. So by using a SecurityLog class, you can generate a separate security log. (Or not and just grep the log for the class to get the same info...).
[originally posted on jforum.net by monroe]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Urgently needed new feature: Log IP addresses when someone logs in