XP client to 2k3 server?

Nov 26, 2010 at 7:42 PM

Hi,

I am looking to make my application write its logs to the Windows event log and came across your project when searching for advice. My application runs client server (client = Windows XP SP2 and server = Windows Server 2003).

I want to configure the clients to log messages in the Application log on the server. Is this possible using Log4JNA? If so can I log the events as the user running the client application on the XP machine (they are logged in as domain users with the server as the domain controller). I would like the User column in the Event Viewer to contain the username of the user that caused the event to be logged. I have played around with the EventCreate.exe wihtout much luck in getting the username to appear. Can Log4JNA help me achieve this?

Any help/suggestions would be much appreciated

kezz2k2

Coordinator
Nov 27, 2010 at 1:12 PM

I assume you have a Java application.

  1. Do I understand this correctly - a client makes a request and the server wants to log to the event log with the correct username of the client?
  2. How does the client communicate with the server? 
  3. How does the server know the username from the client?
Nov 27, 2010 at 1:21 PM

Hi,

Thanks for your reply. The client connects to RMI services running on the server. The users are stored in active directory and a JAAS subject is passed in the RMI calls so that the server knows which user is making the call. The client side currently logs user actions into an Oracle database (stored on the server - by making calls to our logging framework). I want to move this logging out of Oracle and into the Windows event log on the server.

1. A client makes a request to the server. I would like the client to log to the server's event log (central repository where all client logs appear - e.g. user A did something on client B)

2. RMI calls but this isn't relevant I don't think (as I want the client to log to the servers logs) The user logged in on the client is a valid domain account.

3. The service doesn't need to know for logging if the client is doing it. The server knows the user's identity because of the JAAS Subject that is passed in each RMI call (so the server could log on behalf of the client if this makes things easier/possible)

Thanks

kezz2k2.

Coordinator
Nov 27, 2010 at 1:38 PM

Abstracting away from log4jna for a second ... my first thought is that in order to get the correct username in the event log you should be running as that user. If you were, you're done. But for your app this means impersonating the user on the server (possible, but maybe too complicated).

Then, the Win32 ReportEvent function takes a user SID, which I imagine translates to the username in the event log. This would need ot be verified. I think you should try to write a piece of code that writes an event (get log4jna or JNA source and use a unit test as a starter), extend that to use LookupAccountName Win32 API to find some other user's SID (see this) and pass the SID into the call.

If you can get this to work, then the code can be ported into log4jna to expose that as a feature.