JavaEE application security auditing

Question

I need to produce a security audit report of a Servlet/EJB based application deployed to WebSphere 8.5. The report must include user login, authentication time, logout time and the ip address.

The solution so far is to parse WebSphere security audit logs and interpret them into a report. The problem with this approach is that WebSphere produces copious amounts of security audit records which are not easy to analyze.

Is there a better way to get basic security audit information for a JavaEE application?

If I get you right, you should be able to do this kind of logging based on this answer: http://stackoverflow.com/a/3271748/1803294 in combination with this http://stackoverflow.com/a/12328868/1803294 — stg, Jul 18 '15 at 22:14

score 1 · Answer 1 · edited Jul 23 '15 at 13:25

1

You can parse the audit logs produced through use of the wsadmin binaryAuditReader CLI, which allows you to produce an html formatted file of only those attributes and events that you find of interest. Detailed information on how to use the CLI can be found here.

edited Jul 23 '15 at 13:25

Glorfindel

21,988
13
81
109

answered Jul 20 '15 at 15:10

Emily Tuczkowski

46
1

JavaEE application security auditing

1 Answers1