Shibboleth Developers

[Chad La Joie <>]

Okay, last chance for comments.

The Shibboleth 2.0 IdP will have three logs: access, audit, and normal
log4j log(s).

Access: contains information about incoming requests, whether they
complete or error out.  Contains the following fields: request time,
remote host IP, server host IP, server port, request path

Audit: contains the following information about completed transactions,
note not all fields may appear for every request/response pair: response
time, asserting party ID, relying party ID, incoming request binding,
outgoing response binding, message profile, SAML request ID, SAML
response ID, user principal name, per-sp, per-principal authentication
method, ID of released attributes

log4j log(s): logging messages from the IdP as it executes, could be
split into separate logs based on severity (i.e. error log for error and
fatal messages, another for everything else).

Anything additional people need in either the access or audit logs?
Note that both logs will be written in some parsable format ( | (pipe)
delimited by default).
-- 
Chad La Joie             2052-C Harris Bldg
OIS-Middleware           202.687.0124