Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0031674 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] A. Platform | trivial | have not tried | 2015-12-09 16:25 | 2017-03-15 20:20 | |||
| Reporter | alostale | View Status | public | |||||
| Assigned To | alostale | |||||||
| Priority | low | Resolution | fixed | Fixed in Version | 3.0PR17Q2 | |||
| Status | closed | Fix in branch | Fixed in SCM revision | a393f7e134d6 | ||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Review Assigned To | caristu | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0031674: too verbose log for invalid login attempt | |||||||
| Description | When trying to log in Openbravo and the provided user/password is not correct, an error message is logged in openbravo.log including a full stack trace. | |||||||
| Steps To Reproduce | -Try to log in Openbravo with an invalid user/password -> Check openbravo.log 2015-12-06 05:45:36,421 [ajp-nio-127.0.0.1-8009-exec-7] ERROR org.openbravo.authentication.AuthenticationException - IDENTIFICATION_FAILURE_TITLE org.openbravo.authentication.AuthenticationException: IDENTIFICATION_FAILURE_TITLE at org.openbravo.authentication.basic.DefaultAuthenticationManager.doAuthenticate(DefaultAuthenticationManager.java:94) at org.openbravo.authentication.AuthenticationManager.authenticate(AuthenticationManager.java:142) at org.openbravo.base.secureApp.LoginHandler.doPost(LoginHandler.java:92) at javax.servlet.http.HttpServlet.service(HttpServlet.java:648) at org.openbravo.base.HttpBaseServlet.service(HttpBaseServlet.java:234) at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.openbravo.utils.SessionExpirationFilter.doFilter(SessionExpirationFilter.java:66) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.openbravo.utils.CharsetFilter.doFilter(CharsetFilter.java:35) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.openbravo.client.kernel.KernelFilter$1.doAction(KernelFilter.java:62) at org.openbravo.dal.core.ThreadHandler.run(ThreadHandler.java:46) at org.openbravo.client.kernel.KernelFilter.doFilter(KernelFilter.java:71) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.openbravo.dal.core.DalRequestFilter$1.doAction(DalRequestFilter.java:81) at org.openbravo.dal.core.ThreadHandler.run(ThreadHandler.java:46) at org.openbravo.dal.core.DalRequestFilter.doFilter(DalRequestFilter.java:103) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518) at org.apache.coyote.ajp.AbstractAjpProcessor.process(AbstractAjpProcessor.java:844) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1526) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1482) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745) | |||||||
| Proposed Solution | 1. Change log severity from ERROR to DEBUG, in this way this will not appear in log by default unless log4j is configured to do so. 2. Remove stack trace from this log, in this way a single line will be logged for each incorrect attempt | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|||||||||||||||||||||||||
|
|||||||||||||||||||||||||
 Relationships |
|
Notes |
|
|
(0094612) hgbot (developer) 2017-02-24 13:27 |
Repository: erp/devel/pi Changeset: 08e1c23f74a1783a434f46ddd9061397de147f50 Author: Asier Lostalé <asier.lostale <at> openbravo.com> Date: Fri Feb 24 13:15:05 2017 +0100 URL: http://code.openbravo.com/erp/devel/pi/rev/08e1c23f74a1783a434f46ddd9061397de147f50 [^] related to bug 31674: apply proper java formatting --- M src/org/openbravo/authentication/basic/DefaultAuthenticationManager.java --- |
|
(0094613) hgbot (developer) 2017-02-24 13:27 |
Repository: erp/devel/pi Changeset: a393f7e134d622975c5d75cf1701d226e8e32dcd Author: Asier Lostalé <asier.lostale <at> openbravo.com> Date: Fri Feb 24 13:26:11 2017 +0100 URL: http://code.openbravo.com/erp/devel/pi/rev/a393f7e134d622975c5d75cf1701d226e8e32dcd [^] fixed issue 31674: don't show stack trace in log on failed login Removed log with error level for invalid logins. It was already logged with debug level which is enough. --- M src/org/openbravo/authentication/basic/DefaultAuthenticationManager.java --- |
|
(0094617) caristu (developer) 2017-02-24 15:19 |
Code reviewed + tested OK. |
|
(0095233) hudsonbot (developer) 2017-03-15 20:20 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/54e102bef53e [^] Maturity status: Test |
|
(0095234) hudsonbot (developer) 2017-03-15 20:20 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/54e102bef53e [^] Maturity status: Test |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2015-12-09 16:25 | alostale | New Issue | |
| 2015-12-09 16:25 | alostale | Assigned To | => platform |
| 2015-12-09 16:25 | alostale | Modules | => Core |
| 2015-12-09 16:25 | alostale | Triggers an Emergency Pack | => No |
| 2015-12-09 16:27 | alostale | Relationship added | related to 0031451 |
| 2015-12-09 16:27 | alostale | Status | new => acknowledged |
| 2017-02-24 13:26 | alostale | Review Assigned To | => caristu |
| 2017-02-24 13:27 | hgbot | Checkin | |
| 2017-02-24 13:27 | hgbot | Note Added: 0094612 | |
| 2017-02-24 13:27 | hgbot | Checkin | |
| 2017-02-24 13:27 | hgbot | Note Added: 0094613 | |
| 2017-02-24 13:27 | hgbot | Status | acknowledged => resolved |
| 2017-02-24 13:27 | hgbot | Resolution | open => fixed |
| 2017-02-24 13:27 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/a393f7e134d622975c5d75cf1701d226e8e32dcd [^] |
| 2017-02-24 13:27 | alostale | Assigned To | platform => alostale |
| 2017-02-24 15:19 | caristu | Note Added: 0094617 | |
| 2017-02-24 15:19 | caristu | Status | resolved => closed |
| 2017-02-24 15:19 | caristu | Fixed in Version | => 3.0PR17Q2 |
| 2017-03-15 20:20 | hudsonbot | Checkin | |
| 2017-03-15 20:20 | hudsonbot | Note Added: 0095233 | |
| 2017-03-15 20:20 | hudsonbot | Checkin | |
| 2017-03-15 20:20 | hudsonbot | Note Added: 0095234 | |
| 2017-06-01 12:27 | alostale | Relationship added | blocks 0036162 |
| 2017-08-02 15:41 | ioritzCia | Relationship added | related to 0036582 |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |