auditing #29
Comments
When I get online in a few hours I can have a look at the code and do a mud-map for you. I believe there's nothing stopping you from having multiple cards for one login as is, you'd just have to try and register the tokens using the management tool I made (the basic WinForms one). If you look at the config (in the folder where the service executable lives) you'll see that the layout supports it.
|
Great, in the registration UI I have put name so happy to use that if the card ID is linked to that name or card ID either way, greatly appreciated. |
Basically, the registration UI was written later to make it more user friendly, but as a result it is less featured. If you want to give it multi-card or multi-user support you'll want to look at the management tool and pull features across. Or just use the management tool if you're just wanting to do this yourself rather than having to edit the code. It should already support what you want.
|
I will look into the management. Either way I need to find a way to audit.
Need date, time and card or Name on card used.
|
Where do you want that? It would be trivial to log to a text file, plus Windows has its security logs in Event Viewer if you were to assign each card a different Windows ID (which is probably the more correct way to do it). The service is what passes the credential over so would be where you log the scan events; to get whether or not Windows actually performed a login after that you'd have to look at editing the credential provider. Depends what you're hoping to get out of it.
|
Looking just for a simple log file. I'm trying to make it user friendly so
the information is easy to find for the right people.
I was just looking at basic logging. Date, time, card name / ID and whether
that card locked or unlocked the PC.
Looking at a communal PC so one username but multiple cards. Better than
having a PIN set and giving that PIN to all that require it.
|
In `Service/NFCRingServiceCore/ServiceCore.cs` there are already log lines doing almost what you want. Just add something to represent the token to the log and I believe it'll have everything you want, albeit across multiple lines (due to the one-to-many relationship possible between tokens and events).
|
Did you get anywhere with this? My work has blocked the IPC over loopback so I'm going to be making some changes to the code this weekend anyway. At the moment, if you wanted to register multiple rings, each one would need to enter the username and password for the Windows account (even if you're using the same account) because the password is encrypted using information from the NFC token. |
Yes, I got it working. I created another function called audit (copied the
log function) and captured the token on up and down.
This will be OK for my use but getting the friendly name (token name) would
save a bit of time.
Thanks for the assistance.
|
Hi Maz, After some testing doing the way I was the first time means any tag scanned was getting logged but was not accurate if that card was successful to login. All I need is a hand to get the Card ID into the |
What if the ApplicationConfig was a static / singleton that was accessible anywhere in the service and its plugins. Then you'd be able to look up the friendly name from the token list.
OR another idea might be to write a plugin that takes a parameter of the name you want to log, you register that once for each NFC token, and then it does nothing except write out the value of that parameter and the date etc. with each scan.
The second one fits with the general design better, but the first one might be useful anyway. Let me know.
From: Shane Rees ***@***.***>
Sent: Thursday, 11 January 2024 3:27 PM
To: mclear/Sesame ***@***.***>
Cc: Maz ***@***.***>; Comment ***@***.***>
Subject: Re: [mclear/Sesame] auditing (Issue #29)
Did you get anywhere with this? My work has blocked the IPC over loopback so I'm going to be making some changes to the code this weekend anyway. Did you want me to put in some logging for you? Any features I build are going to be in the old WinForms CredentialRegistration management UI. If you want to add the ability to register multiple NFC tags with the NFCRing.UI.View, you would have to do that yourself.
At the moment, if you wanted to register multiple rings, each one would need to enter the username and password for the Windows account (even if you're using the same account) because the password is encrypted using information from the NFC token.
Hi Maz,
I have found the code in where the Session state is changed in the NFCRingServiceHost. This gets the current logged in user but it would be great to get the card ID or "Friendly name".
After some testing doing the way I was the first time means any tag scanned was getting logged but was not accurate if that card was successful to login.
All I need is a hand to get the Card ID into the NFCRingServiceHost.cs file.
|
So I made some progress by making the `CardID` a global variable when the
current tag event is up or down.
This gives the cardID but the friendly name would be handy.
This is a good start and I'll do a branch and pull request so you can see
what I have thus far.
|
Happy to do the code.
Looking at creating an audit log, e.g. multiple cards for 1 login.
Would look at using the ring / card name that is linked to the UI.
I'm close in RingServiceHost, I have found
`username = Marshal.PtrToStringAnsi(buffer) + "\\" + username;`
This prints out the logged in user but not the card ID or card name.
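
A sketch of the correlation this thread is working towards, added here as an example and not taken from Sesame: the last scanned token is held in memory and an audit line is produced only when a session change follows within a time window, so a bare scan is never recorded as a login. `TokenAudit`, its method names, the 10-second window and the ID-to-name dictionary are assumptions; unregistered IDs are logged as a short hash because the thread says the stored password is encrypted using information from the token.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper (not Sesame code): ties a session change to the most recent token scan.
public sealed class TokenAudit
{
    private readonly IReadOnlyDictionary<string, string> _names; // token ID -> friendly name (assumed shape)
    private readonly TimeSpan _window;
    private readonly object _gate = new object();
    private string _pendingId; private DateTime _pendingAt;
    public TokenAudit(IReadOnlyDictionary<string, string> names, TimeSpan window)
    { _names = names; _window = window; }

    // Call where the service handles a scan. Nothing is written yet: a scan is not a login.
    public void OnTokenScanned(string tokenId, DateTime utcNow)
    { lock (_gate) { _pendingId = tokenId; _pendingAt = utcNow; } }

    // Call where the session state change is seen; returns the line to append to the audit file.
    public string OnSessionChange(string change, string user, DateTime utcNow)
    {
        string id;
        lock (_gate)
        {
            bool fresh = _pendingId != null && utcNow >= _pendingAt && utcNow - _pendingAt <= _window;
            id = fresh ? _pendingId : null;
            _pendingId = null; // one scan explains at most one session change
        }
        string card = id == null ? "none" : Label(id);
        return string.Join("\t", utcNow.ToString("o"), Clean(change), Clean(user), "card=" + card);
    }
    private string Label(string id) =>
        _names.TryGetValue(id, out var name) ? Clean(name) : "unregistered:" + ShortHash(id);

    // Truncated SHA-256 of the ID, so the raw token value never lands in the log.
    private static string ShortHash(string id)
    {
        using (var sha = SHA256.Create())
            return BitConverter.ToString(sha.ComputeHash(Encoding.UTF8.GetBytes(id)), 0, 4).Replace("-", "");
    }

    // Drop control characters (CR, LF, tab) so a name cannot forge lines or columns.
    private static string Clean(string s) => new string((s ?? "").Where(c => !char.IsControl(c)).ToArray());

    public static void Main()
    {
        var names = new Dictionary<string, string> { ["04A1B2C3"] = "Front desk ring" }; // constructed sample
        var audit = new TokenAudit(names, TimeSpan.FromSeconds(10));
        var t0 = new DateTime(2024, 1, 13, 9, 0, 0, DateTimeKind.Utc);
        audit.OnTokenScanned("04A1B2C3", t0);
        Console.WriteLine(audit.OnSessionChange("unlock", @"PC1\shared", t0.AddSeconds(2))); // card=Front desk ring
        Console.WriteLine(audit.OnSessionChange("lock", @"PC1\shared", t0.AddMinutes(5)));   // card=none
    }
}
```

The window is a heuristic: a password typed by hand shortly after a scan would still be attributed to that card, so keep it short and treat `card=none` lines as manual sign-ins.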