Fetching user IP in CAS

[Vikash Chandra Ansh]

Hi All,

Hope you are well. I have a small query. 

I have integrated a java application with CAS. Now I want the IP addresses of the users who are accessing my application.

Is it feasible in CAS to track this? I beleive in CAS we can track the IP or NLB of client application. Please advise

My cas version is 6.1

Thanks and regards

Vikash Chandra

[Stewart]

Hi Vikash,

I'm sure there is a more elegant solutions than what I'll suggest (I'm just an amateur...).    Why not parse CAS logs for the Service Access Granted stanza, it contains the IP address?  Of course if you have lots of traffic, it might be more efficient to parse the application's server logs....

Best Regards,

Stewart

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BdrvxhsoCSrqsNWU-A5fCdPeMWV7AiN05%3DTM8-a0Wd0K8yuFA%40mail.gmail.com.

[Vikash Chandra Ansh]

Hi Stewart

Thanks for your reply.But in logs I can find the NLB url . What I am expecting is ,from which remote source (like personal machine IP), the user is accessing the NLB url.

Thanks and regards

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CADdNXfHhNwBwdT7VKd0gnQ1XowNBdjb7GyVLg7oeKG8QAC8yTg%40mail.gmail.com.

[Stewart]

Sure, takes a bit of parsing, but you should see something like this in your logs:

=============================================================
WHO: audit:unknown
WHAT: [result=Service Access Granted,service=https://myapp.mydomain.com/login..,principal=SimplePrincipal(id=user),requiredAttributes={}]
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
APPLICATION: CAS
WHEN: Fri Jul 02 09:00:58 PDT 2021
CLIENT IP ADDRESS: xx.xx.xxx
SERVER IP ADDRESS: xxx.xx.xxx.xxx
=============================================================

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BdrvxgwBe6py%3DkRo3COBDa7FaQyr_Ve1FKJFtmc4XjVKUZDvQ%40mail.gmail.com.

[Vikash Chandra Ansh]

Sorry Stewart,

You haven't got my query. Ok let suppose CAS server has ip 192.18.10.2 and my application IP is 168.17.102.11. Now a user from IP 10.2.3.6 is accessing my application. 

So in audit log I could find the client IP as 168.17.102.11 not the user personal Ip

 and sever Ip as 192.18.10.2.

I want the user IP 10.2.3.6. Can we able to track this in CAS?

THANKS 

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CADdNXfEO3DX_RjkRgr3rsdtt%2BCgY%3DR1d5_w2W6CFaZNi61_qwA%40mail.gmail.com.

[Stewart]

Hi Vikash,

Apologies if I missed something here, on our installation we see end user ip addresses in the CLIENT IP line of the cas.log, not application IPs.   

Now you’ve got me curious…since you’re seeing different,  how is your app integrated/authenticating with CAS?   (For example, we use CAS via mod_auth_cas, phpCAS, and a few others — these all cause a redirection to our login page, and the CLIENT IP shows up with the end users IP)

Best Regards,

Stewart

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bdrvxh%3DaAB8oHwHOt0D3j7nj8hKqRai3nKDbkqqO_QaJvNSFg%40mail.gmail.com.

[King, Robert]

Really depends on the configuration of your CAS server.  Is it running on a servlet container, embedded or docker container?

 

For our particular case we use Tomcat as a servlet container and we had to enabled the remote ip valve in the server.xml configuration file.

 

https://groups.google.com/a/apereo.org/g/cas-user/c/5FCYwTROMz4/m/bE1suoR3AwAJ

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bdrvxh%3DaAB8oHwHOt0D3j7nj8hKqRai3nKDbkqqO_QaJvNSFg%40mail.gmail.com.