uaa icon indicating copy to clipboard operation
uaa copied to clipboard
verified publisher icon cloudfoundry

Event Examples for Failure situation

Open D035676 opened this issue 3 years ago • 4 comments

Hi Colleagues,

to monitor malicious scenarios, we need to have a deep look on Events protocolling Failure situation. Could you provide us event examples (e.g. a according JSON strings) for following Failure Events: UserAuthenticationFailure MfaAuthenticationFailure IdentityProviderAuthenticationFailure ClientAuthenticationFailure PrincipalAuthenticationFailure PasswordChangeFailure

best regards, Eugen

PS: above events were taken from https://docs.cloudfoundry.org/running/managing-cf/uaa-audit-requirements.html

D035676 avatar May 02 '22 08:05 D035676

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/182047924

The labels on this github issue will be updated when the story is started.

cf-gitbot avatar May 02 '22 08:05 cf-gitbot

@torsten-sap can you provide more details thus you worked on it

strehle avatar May 04 '22 13:05 strehle

Hi Torsten (@torsten-sap), could you help us with examples to above use-cases?

D035676 avatar May 12 '22 15:05 D035676

For IdentityProviderAuthenticationFailure you find two examples in the following PivotalTracker story: https://www.pivotaltracker.com/n/projects/997278/stories/154404992

Keep in mind that often one failure causes another, e.g.:

  • UserAuthenticationFailure -> PrincipalAuthenticationFailure
  • IdentityProviderAuthenticationFailure -> PrincipalAuthenticationFailure

MfaAuthenticationFailure and PasswordChangeFailure should not be relevant for you.

@tack-sap Do you by chance have examples for UserAuthenticationFailure, ClientAuthenticationFailure and PrincipalAuthenticationFailure?

torsten-sap avatar May 12 '22 16:05 torsten-sap