IDEMPIERE-617 Enable logging of authentication failures
This commit is contained in:
parent
a2080d5d84
commit
0becbfbf3e
|
@ -0,0 +1,77 @@
|
||||||
|
/******************************************************************************
|
||||||
|
* Product: iDempiere ERP & CRM Smart Business Solution *
|
||||||
|
* Copyright (C) Trek Global All Rights Reserved. *
|
||||||
|
* This program is free software; you can redistribute it and/or modify it *
|
||||||
|
* under the terms version 2 of the GNU General Public License as published *
|
||||||
|
* by the Free Software Foundation. This program is distributed in the hope *
|
||||||
|
* that it will be useful, but WITHOUT ANY WARRANTY; without even the implied *
|
||||||
|
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
|
||||||
|
* See the GNU General Public License for more details. *
|
||||||
|
* You should have received a copy of the GNU General Public License along *
|
||||||
|
* with this program; if not, write to the Free Software Foundation, Inc., *
|
||||||
|
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. *
|
||||||
|
* *
|
||||||
|
* @author Juliana Corredor, jcorredor@trekglobal.com *
|
||||||
|
* @author Carlos Ruiz *
|
||||||
|
*****************************************************************************/
|
||||||
|
package org.adempiere.util;
|
||||||
|
|
||||||
|
import java.io.BufferedWriter;
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.FileOutputStream;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.io.OutputStreamWriter;
|
||||||
|
import java.io.Writer;
|
||||||
|
import java.sql.Timestamp;
|
||||||
|
import java.text.SimpleDateFormat;
|
||||||
|
|
||||||
|
import org.compiere.util.CLogger;
|
||||||
|
import org.compiere.util.DisplayType;
|
||||||
|
import org.compiere.util.Ini;
|
||||||
|
|
||||||
|
|
||||||
|
public class LogAuthFailure {
|
||||||
|
|
||||||
|
private static FileOutputStream file = null;
|
||||||
|
private static Writer writer;
|
||||||
|
/** Logger */
|
||||||
|
private static CLogger log = CLogger.getCLogger(LogAuthFailure.class);
|
||||||
|
|
||||||
|
public LogAuthFailure() {
|
||||||
|
|
||||||
|
String path = Ini.getAdempiereHome() + File.separator + "log";
|
||||||
|
String name = path + File.separator + "AuthFailure.log";
|
||||||
|
File fileName;
|
||||||
|
try {
|
||||||
|
fileName = new File(name);
|
||||||
|
file = new FileOutputStream(fileName, true);
|
||||||
|
writer = new BufferedWriter(new OutputStreamWriter(file, "UTF8"));
|
||||||
|
} catch (IOException e) {
|
||||||
|
log.fine(e.getMessage());
|
||||||
|
e.printStackTrace();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void log(String clientIP, String context, String username, String msg) {
|
||||||
|
try {
|
||||||
|
SimpleDateFormat format = DisplayType.getTimestampFormat_Default();
|
||||||
|
String dateTimeText = format.format(new Timestamp(System.currentTimeMillis()));
|
||||||
|
|
||||||
|
writer.append("[");
|
||||||
|
writer.append(dateTimeText);
|
||||||
|
writer.append("] [error] [client ");
|
||||||
|
writer.append(clientIP);
|
||||||
|
writer.append("] [context ");
|
||||||
|
writer.append(context);
|
||||||
|
writer.append("] [username ");
|
||||||
|
writer.append(username);
|
||||||
|
writer.append("] ");
|
||||||
|
writer.append(msg);
|
||||||
|
writer.append("\n");
|
||||||
|
writer.flush();
|
||||||
|
} catch (Exception e) {
|
||||||
|
log.fine(e.getMessage());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -1201,7 +1201,7 @@ public class Login
|
||||||
public KeyNamePair[] getClients(String app_user, String app_pwd) {
|
public KeyNamePair[] getClients(String app_user, String app_pwd) {
|
||||||
log.info("User=" + app_user);
|
log.info("User=" + app_user);
|
||||||
|
|
||||||
if (app_user == null)
|
if (Util.isEmpty(app_user))
|
||||||
{
|
{
|
||||||
log.warning("No Apps User");
|
log.warning("No Apps User");
|
||||||
return null;
|
return null;
|
||||||
|
|
|
@ -31,6 +31,7 @@ import java.util.Locale;
|
||||||
import java.util.Properties;
|
import java.util.Properties;
|
||||||
import java.util.logging.Level;
|
import java.util.logging.Level;
|
||||||
|
|
||||||
|
import org.adempiere.util.LogAuthFailure;
|
||||||
import org.adempiere.webui.LayoutUtils;
|
import org.adempiere.webui.LayoutUtils;
|
||||||
import org.adempiere.webui.apps.AEnv;
|
import org.adempiere.webui.apps.AEnv;
|
||||||
import org.adempiere.webui.component.Button;
|
import org.adempiere.webui.component.Button;
|
||||||
|
@ -100,6 +101,8 @@ public class LoginPanel extends Window implements EventListener<Event>
|
||||||
*/
|
*/
|
||||||
private static final long serialVersionUID = -3181808670168474967L;
|
private static final long serialVersionUID = -3181808670168474967L;
|
||||||
|
|
||||||
|
private static LogAuthFailure logAuthFailure = new LogAuthFailure();
|
||||||
|
|
||||||
private static final String ON_LOAD_TOKEN = "onLoadToken";
|
private static final String ON_LOAD_TOKEN = "onLoadToken";
|
||||||
private static CLogger logger = CLogger.getCLogger(LoginPanel.class);
|
private static CLogger logger = CLogger.getCLogger(LoginPanel.class);
|
||||||
|
|
||||||
|
@ -522,13 +525,21 @@ public class LoginPanel extends Window implements EventListener<Event>
|
||||||
Session currSess = Executions.getCurrent().getDesktop().getSession();
|
Session currSess = Executions.getCurrent().getDesktop().getSession();
|
||||||
|
|
||||||
KeyNamePair clientsKNPairs[] = login.getClients(userId, userPassword);
|
KeyNamePair clientsKNPairs[] = login.getClients(userId, userPassword);
|
||||||
|
|
||||||
if (clientsKNPairs == null || clientsKNPairs.length == 0)
|
if (clientsKNPairs == null || clientsKNPairs.length == 0)
|
||||||
{
|
{
|
||||||
String loginErrMsg = login.getLoginErrMsg();
|
String loginErrMsg = login.getLoginErrMsg();
|
||||||
if (loginErrMsg != null && loginErrMsg.length() > 0)
|
if (Util.isEmpty(loginErrMsg))
|
||||||
|
loginErrMsg = Msg.getMsg(ctx,"FailedLogin", true);
|
||||||
|
|
||||||
|
// IDEMPIERE-617
|
||||||
|
String x_Forward_IP = Executions.getCurrent().getHeader("X-Forwarded-For");
|
||||||
|
if (x_Forward_IP == null) {
|
||||||
|
x_Forward_IP = currSess.getRemoteAddr();
|
||||||
|
}
|
||||||
|
logAuthFailure.log(x_Forward_IP, "/webui", userId, loginErrMsg);
|
||||||
|
|
||||||
throw new WrongValueException(loginErrMsg);
|
throw new WrongValueException(loginErrMsg);
|
||||||
else
|
|
||||||
throw new WrongValueException(Msg.getMsg(ctx,"FailedLogin", true));
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue