[PATCH] Updated Add detailed authentication logging for NTLM authentication.

Andrew Bartlett abartlet at samba.org
Fri Mar 10 21:03:49 UTC 2017


On Fri, 2017-03-10 at 13:04 +0200, Alexander Bokovoy wrote:
> On pe, 10 maalis 2017, Andreas Schneider wrote:
> > On Sunday, 5 March 2017 19:36:06 CET Gary Lockyer wrote:
> > > On 03/03/17 14:13, Jeremy Allison wrote:
> > > > On Fri, Mar 03, 2017 at 01:36:28PM +1300, Andrew Bartlett
> > > > wrote:
> > > > > Gary will continue on this to add the JSON, but I'm really
> > > > > pleased with
> > > > > the progress and hopefully we can get this much in to the
> > > > > tree soon.
> > > > > We now handle logging anonymous ldap and un-authenticated
> > > > > dce/rpc
> > > > > authorizations!
> > > 
> > > To generate the json log lines I'm planning on using glib-json
> > > https://developer.gnome.org/json-glib/stable/, rather than
> > > rolling my own.
> > > 
> > > Doing this however does add dependencies on
> > > * json-glib
> > > * gio
> > > * gobject
> > > * glib
> > > 
> > > And requires compiling with -pthread
> > > 
> > > Is this a reasonable approach?
> > 
> > I'm against glib.

Andreas:

Can you please elaborate?  Before we start re-working the code I would
appreciate understanding the technical objection.  To be clear: The
JSON auditing is optional based on the availability of the dependency..

> > Take a look at:
> > 
> > https://github.com/json-c/json-c/wiki
> 
> I'd suggest jansson: https://github.com/akheron/jansson
> We use it in JOSE (https://github.com/latchset/jose) and it also has
> very good documentation: https://jansson.readthedocs.io/en/latest/ind
> ex.html


Thanks.  We found it difficult to locate many packages that were
suitable, maintained and actually packaged.

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba




More information about the samba-technical mailing list