0

I am the ISSE for a custom web application for the DoD and we need to display the following information to each user in their home screen:

Unsuccessful Logon: Date Time IP Address

Successful Logon: Date Time IP Address

My developer can't figure it out.

The app is written in CF8 we're using IIS 7.0 and the application is CAC enabled so login is accomplished w/ CAC (token) and PIN. IIS enforces the CAC login piece so I know there must be a logging function that can capture the Date/Time/IP and failed or successful piece but I don't know how that info could be relayed to the app and displayed to each user every time they login on their home screen. For those familiar we are tying to satisfy the APP3660 rule in the Application Security and Development STIG.

I really appreciate any help... Apologize if this is an "Are you smarter than a 5th grader" type of question.

Anthony Mastrean
  • 21,850
  • 21
  • 110
  • 188
cabo
  • 1
  • Not sure how to do this. You could try to parse the iis logs. There is also a way to setup an ODBC connection for the logs. http://www.iis.net/configreference/system.webserver/odbclogging – abbottmw Aug 30 '14 at 04:15

1 Answers1

0

You should be able to get at the information as CGI environment variables. Links: http://httpd.apache.org/docs/2.0/mod/mod_ssl.html https://www.google.com/search?q=CGI.CERT_SUBJECT&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a&channel=rcs

jim collins
  • 417
  • 1
  • 8
  • 17
  • Could you elaborate? ie So the answer can stand on its own, even if the links change or break. (That said, it sounds like he is looking for details about the last successful and failed logins. Environment variables probably won't do the trick here..) – Leigh Sep 03 '14 at 22:18
  • Yes agreed the issue we're running into is how the IP, date time can be captured by IIS and then passed to the CF (which upon failed login would be totally unaware of any login attempt as a failed login attempt is terminated by ISS w/ our token login system we current have. – cabo Sep 05 '14 at 11:21