IDEMPIERE-617 Enable logging of authentication failures

This commit is contained in:
Carlos Ruiz 2013-02-07 13:20:27 -05:00
parent a2080d5d84
commit 0becbfbf3e
3 changed files with 93 additions and 5 deletions

View File

@ -0,0 +1,77 @@
/******************************************************************************
* Product: iDempiere ERP & CRM Smart Business Solution *
* Copyright (C) Trek Global All Rights Reserved. *
* This program is free software; you can redistribute it and/or modify it *
* under the terms version 2 of the GNU General Public License as published *
* by the Free Software Foundation. This program is distributed in the hope *
* that it will be useful, but WITHOUT ANY WARRANTY; without even the implied *
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
* See the GNU General Public License for more details. *
* You should have received a copy of the GNU General Public License along *
* with this program; if not, write to the Free Software Foundation, Inc., *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. *
* *
* @author Juliana Corredor, jcorredor@trekglobal.com *
* @author Carlos Ruiz *
*****************************************************************************/
package org.adempiere.util;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.Writer;
import java.sql.Timestamp;
import java.text.SimpleDateFormat;
import org.compiere.util.CLogger;
import org.compiere.util.DisplayType;
import org.compiere.util.Ini;
public class LogAuthFailure {
private static FileOutputStream file = null;
private static Writer writer;
/** Logger */
private static CLogger log = CLogger.getCLogger(LogAuthFailure.class);
public LogAuthFailure() {
String path = Ini.getAdempiereHome() + File.separator + "log";
String name = path + File.separator + "AuthFailure.log";
File fileName;
try {
fileName = new File(name);
file = new FileOutputStream(fileName, true);
writer = new BufferedWriter(new OutputStreamWriter(file, "UTF8"));
} catch (IOException e) {
log.fine(e.getMessage());
e.printStackTrace();
}
}
public void log(String clientIP, String context, String username, String msg) {
try {
SimpleDateFormat format = DisplayType.getTimestampFormat_Default();
String dateTimeText = format.format(new Timestamp(System.currentTimeMillis()));
writer.append("[");
writer.append(dateTimeText);
writer.append("] [error] [client ");
writer.append(clientIP);
writer.append("] [context ");
writer.append(context);
writer.append("] [username ");
writer.append(username);
writer.append("] ");
writer.append(msg);
writer.append("\n");
writer.flush();
} catch (Exception e) {
log.fine(e.getMessage());
}
}
}

View File

@ -1201,7 +1201,7 @@ public class Login
public KeyNamePair[] getClients(String app_user, String app_pwd) { public KeyNamePair[] getClients(String app_user, String app_pwd) {
log.info("User=" + app_user); log.info("User=" + app_user);
if (app_user == null) if (Util.isEmpty(app_user))
{ {
log.warning("No Apps User"); log.warning("No Apps User");
return null; return null;

View File

@ -31,6 +31,7 @@ import java.util.Locale;
import java.util.Properties; import java.util.Properties;
import java.util.logging.Level; import java.util.logging.Level;
import org.adempiere.util.LogAuthFailure;
import org.adempiere.webui.LayoutUtils; import org.adempiere.webui.LayoutUtils;
import org.adempiere.webui.apps.AEnv; import org.adempiere.webui.apps.AEnv;
import org.adempiere.webui.component.Button; import org.adempiere.webui.component.Button;
@ -100,6 +101,8 @@ public class LoginPanel extends Window implements EventListener<Event>
*/ */
private static final long serialVersionUID = -3181808670168474967L; private static final long serialVersionUID = -3181808670168474967L;
private static LogAuthFailure logAuthFailure = new LogAuthFailure();
private static final String ON_LOAD_TOKEN = "onLoadToken"; private static final String ON_LOAD_TOKEN = "onLoadToken";
private static CLogger logger = CLogger.getCLogger(LoginPanel.class); private static CLogger logger = CLogger.getCLogger(LoginPanel.class);
@ -522,13 +525,21 @@ public class LoginPanel extends Window implements EventListener<Event>
Session currSess = Executions.getCurrent().getDesktop().getSession(); Session currSess = Executions.getCurrent().getDesktop().getSession();
KeyNamePair clientsKNPairs[] = login.getClients(userId, userPassword); KeyNamePair clientsKNPairs[] = login.getClients(userId, userPassword);
if (clientsKNPairs == null || clientsKNPairs.length == 0) if (clientsKNPairs == null || clientsKNPairs.length == 0)
{ {
String loginErrMsg = login.getLoginErrMsg(); String loginErrMsg = login.getLoginErrMsg();
if (loginErrMsg != null && loginErrMsg.length() > 0) if (Util.isEmpty(loginErrMsg))
loginErrMsg = Msg.getMsg(ctx,"FailedLogin", true);
// IDEMPIERE-617
String x_Forward_IP = Executions.getCurrent().getHeader("X-Forwarded-For");
if (x_Forward_IP == null) {
x_Forward_IP = currSess.getRemoteAddr();
}
logAuthFailure.log(x_Forward_IP, "/webui", userId, loginErrMsg);
throw new WrongValueException(loginErrMsg); throw new WrongValueException(loginErrMsg);
else
throw new WrongValueException(Msg.getMsg(ctx,"FailedLogin", true));
} }
else else
{ {