IDEMPIERE-617 Enable logging of authentication failures

2013-02-07 13:20:27 -05:00 · 2013-02-07 13:20:27 -05:00 · 0becbfbf3e
parent a2080d5d84
commit 0becbfbf3e
3 changed files with 93 additions and 5 deletions
--- a/org.adempiere.base/src/org/adempiere/util/LogAuthFailure.java
+++ b/org.adempiere.base/src/org/adempiere/util/LogAuthFailure.java
@ -0,0 +1,77 @@
+/******************************************************************************
+ * Product: iDempiere ERP & CRM Smart Business Solution                       *
+ * Copyright (C) Trek Global All Rights Reserved.                             *
+ * This program is free software; you can redistribute it and/or modify it    *
+ * under the terms version 2 of the GNU General Public License as published   *
+ * by the Free Software Foundation. This program is distributed in the hope   *
+ * that it will be useful, but WITHOUT ANY WARRANTY; without even the implied *
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.           *
+ * See the GNU General Public License for more details.                       *
+ * You should have received a copy of the GNU General Public License along    *
+ * with this program; if not, write to the Free Software Foundation, Inc.,    *
+ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.                     *
+ *                                                                            *
+ * @author Juliana Corredor, jcorredor@trekglobal.com                        *
+ * @author Carlos Ruiz                                                       *
+ *****************************************************************************/
+package org.adempiere.util;
+
+import java.io.BufferedWriter;
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.OutputStreamWriter;
+import java.io.Writer;
+import java.sql.Timestamp;
+import java.text.SimpleDateFormat;
+
+import org.compiere.util.CLogger;
+import org.compiere.util.DisplayType;
+import org.compiere.util.Ini;
+
+
+public class LogAuthFailure  {
+
+	private static FileOutputStream file = null;
+	private static Writer writer;
+	/**	Logger				*/
+	private static CLogger log = CLogger.getCLogger(LogAuthFailure.class);
+
+	public LogAuthFailure() {
+
+		String path = Ini.getAdempiereHome() + File.separator + "log";
+		String name = path + File.separator + "AuthFailure.log";
+		File fileName;
+		try {
+			fileName = new File(name);			  
+			file = new FileOutputStream(fileName, true);
+			writer = new BufferedWriter(new OutputStreamWriter(file, "UTF8"));
+		} catch (IOException e) {
+			log.fine(e.getMessage());
+			e.printStackTrace();
+		}
+	}
+
+	public void log(String clientIP, String context, String username, String msg) {
+		try {
+			SimpleDateFormat format = DisplayType.getTimestampFormat_Default();
+			String dateTimeText = format.format(new Timestamp(System.currentTimeMillis()));
+
+			writer.append("[");
+			writer.append(dateTimeText);
+			writer.append("] [error] [client ");
+			writer.append(clientIP);
+			writer.append("] [context ");
+			writer.append(context);
+			writer.append("] [username ");
+			writer.append(username);
+			writer.append("] ");
+			writer.append(msg);
+			writer.append("\n");
+			writer.flush();
+		} catch (Exception e) {
+			log.fine(e.getMessage());
+		}
+	}
+
+}
--- a/org.adempiere.base/src/org/compiere/util/Login.java
+++ b/org.adempiere.base/src/org/compiere/util/Login.java
@ -1201,7 +1201,7 @@ public class Login
 	public KeyNamePair[] getClients(String app_user, String app_pwd) {
 		log.info("User=" + app_user);

-		if (app_user == null)
+		if (Util.isEmpty(app_user))
 		{
 			log.warning("No Apps User");
 			return null;
--- a/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/panel/LoginPanel.java
+++ b/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/panel/LoginPanel.java
@ -31,6 +31,7 @@ import java.util.Locale;
 import java.util.Properties;
 import java.util.logging.Level;

+import org.adempiere.util.LogAuthFailure;
 import org.adempiere.webui.LayoutUtils;
 import org.adempiere.webui.apps.AEnv;
 import org.adempiere.webui.component.Button;
@ -100,6 +101,8 @@ public class LoginPanel extends Window implements EventListener<Event>
 	 */
 	private static final long serialVersionUID = -3181808670168474967L;

+	private static LogAuthFailure logAuthFailure = new LogAuthFailure();
+
 	private static final String ON_LOAD_TOKEN = "onLoadToken";
    private static CLogger logger = CLogger.getCLogger(LoginPanel.class);

@ -522,13 +525,21 @@ public class LoginPanel extends Window implements EventListener<Event>
        Session currSess = Executions.getCurrent().getDesktop().getSession();
        
        KeyNamePair clientsKNPairs[] = login.getClients(userId, userPassword);
+        
        if (clientsKNPairs == null || clientsKNPairs.length == 0)
        {
        	String loginErrMsg = login.getLoginErrMsg();
-        	if (loginErrMsg != null && loginErrMsg.length() > 0)
+        	if (Util.isEmpty(loginErrMsg))
+        		loginErrMsg = Msg.getMsg(ctx,"FailedLogin", true);
+
+        	// IDEMPIERE-617
+            String x_Forward_IP = Executions.getCurrent().getHeader("X-Forwarded-For");
+            if (x_Forward_IP == null) {
+            	 x_Forward_IP = currSess.getRemoteAddr();
+            }
+        	logAuthFailure.log(x_Forward_IP, "/webui", userId, loginErrMsg);
+
       		throw new WrongValueException(loginErrMsg);
-        	else
-        		throw new WrongValueException(Msg.getMsg(ctx,"FailedLogin", true));
        }
        else
        {