Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0031674Openbravo ERPA. Platformpublic2015-12-09 16:252017-03-15 20:20
Reporteralostale 
Assigned Toalostale 
PrioritylowSeveritytrivialReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionFixed in Version3.0PR17Q2 
Merge Request Status
Review Assigned Tocaristu
OBNetwork customer
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0031674: too verbose log for invalid login attempt
DescriptionWhen trying to log in Openbravo and the provided user/password is not correct, an error message is logged in openbravo.log including a full stack trace.
Steps To Reproduce-Try to log in Openbravo with an invalid user/password
  -> Check openbravo.log
2015-12-06 05:45:36,421 [ajp-nio-127.0.0.1-8009-exec-7] ERROR org.openbravo.authentication.AuthenticationException - IDENTIFICATION_FAILURE_TITLE
org.openbravo.authentication.AuthenticationException: IDENTIFICATION_FAILURE_TITLE
    at org.openbravo.authentication.basic.DefaultAuthenticationManager.doAuthenticate(DefaultAuthenticationManager.java:94)
    at org.openbravo.authentication.AuthenticationManager.authenticate(AuthenticationManager.java:142)
    at org.openbravo.base.secureApp.LoginHandler.doPost(LoginHandler.java:92)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
    at org.openbravo.base.HttpBaseServlet.service(HttpBaseServlet.java:234)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.openbravo.utils.SessionExpirationFilter.doFilter(SessionExpirationFilter.java:66)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.openbravo.utils.CharsetFilter.doFilter(CharsetFilter.java:35)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.openbravo.client.kernel.KernelFilter$1.doAction(KernelFilter.java:62)
    at org.openbravo.dal.core.ThreadHandler.run(ThreadHandler.java:46)
    at org.openbravo.client.kernel.KernelFilter.doFilter(KernelFilter.java:71)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.openbravo.dal.core.DalRequestFilter$1.doAction(DalRequestFilter.java:81)
    at org.openbravo.dal.core.ThreadHandler.run(ThreadHandler.java:46)
    at org.openbravo.dal.core.DalRequestFilter.doFilter(DalRequestFilter.java:103)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
    at org.apache.coyote.ajp.AbstractAjpProcessor.process(AbstractAjpProcessor.java:844)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1526)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1482)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:745)
Proposed Solution1. Change log severity from ERROR to DEBUG, in this way this will not appear in log by default unless log4j is configured to do so.
2. Remove stack trace from this log, in this way a single line will be logged for each incorrect attempt
Additional Information
TagsNo tags attached.
Relationships
related to defect 00314513.0PR16Q1 closed aferraz Openbravo ERP Error should not be logged in case we throw an OBException with logException parameter as false 
related to defect 0036582 closed ranjith_qualiantech_com Retail Modules Bad logging code at exception at MobileCoreLoginHandler 
blocks design defect 0036162 acknowledged Triage Platform Base Openbravo ERP clean up openbravo.log 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2015-12-09 16:25alostaleNew Issue
2015-12-09 16:25alostaleAssigned To => platform
2015-12-09 16:25alostaleModules => Core
2015-12-09 16:25alostaleTriggers an Emergency Pack => No
2015-12-09 16:27alostaleRelationship addedrelated to 0031451
2015-12-09 16:27alostaleStatusnew => acknowledged
2017-02-24 13:26alostaleReview Assigned To => caristu
2017-02-24 13:27hgbotCheckin
2017-02-24 13:27hgbotNote Added: 0094612
2017-02-24 13:27hgbotCheckin
2017-02-24 13:27hgbotNote Added: 0094613
2017-02-24 13:27hgbotStatusacknowledged => resolved
2017-02-24 13:27hgbotResolutionopen => fixed
2017-02-24 13:27hgbotFixed in SCM revision => http://code.openbravo.com/erp/devel/pi/rev/a393f7e134d622975c5d75cf1701d226e8e32dcd [^]
2017-02-24 13:27alostaleAssigned Toplatform => alostale
2017-02-24 15:19caristuNote Added: 0094617
2017-02-24 15:19caristuStatusresolved => closed
2017-02-24 15:19caristuFixed in Version => 3.0PR17Q2
2017-03-15 20:20hudsonbotCheckin
2017-03-15 20:20hudsonbotNote Added: 0095233
2017-03-15 20:20hudsonbotCheckin
2017-03-15 20:20hudsonbotNote Added: 0095234
2017-06-01 12:27alostaleRelationship addedblocks 0036162
2017-08-02 15:41ioritzCiaRelationship addedrelated to 0036582

Notes
(0094612)
hgbot   
2017-02-24 13:27   
Repository: erp/devel/pi
Changeset: 08e1c23f74a1783a434f46ddd9061397de147f50
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Fri Feb 24 13:15:05 2017 +0100
URL: http://code.openbravo.com/erp/devel/pi/rev/08e1c23f74a1783a434f46ddd9061397de147f50 [^]

related to bug 31674: apply proper java formatting

---
M src/org/openbravo/authentication/basic/DefaultAuthenticationManager.java
---
(0094613)
hgbot   
2017-02-24 13:27   
Repository: erp/devel/pi
Changeset: a393f7e134d622975c5d75cf1701d226e8e32dcd
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Fri Feb 24 13:26:11 2017 +0100
URL: http://code.openbravo.com/erp/devel/pi/rev/a393f7e134d622975c5d75cf1701d226e8e32dcd [^]

fixed issue 31674: don't show stack trace in log on failed login

  Removed log with error level for invalid logins. It was already logged
  with debug level which is enough.

---
M src/org/openbravo/authentication/basic/DefaultAuthenticationManager.java
---
(0094617)
caristu   
2017-02-24 15:19   
Code reviewed + tested OK.
(0095233)
hudsonbot   
2017-03-15 20:20   
A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/54e102bef53e [^]
Maturity status: Test
(0095234)
hudsonbot   
2017-03-15 20:20   
A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/54e102bef53e [^]
Maturity status: Test