  1. OpenAM
  2. OPENAM-9983

Username not printed in Audit log for Failed Authentication

    Details

    • Sprint:
      AM Sustaining Sprint 31
    • Story Points:
      3

      Description

      In the amAuthentication.error log [audit log] of OpenAM, the UserID/LoginID is not logged if the user is not found in the datastore. In other cases [invalid password/user locked] the UserID/LoginID is logged with a proper message by OpenAM.

      Current Behavior [in case of "User not found"]

      "2016-10-21 15:27:37" "Login Failed" "Not Available" "Not Available" 127.0.0.1 INFO o=bns,ou=services,dc=openam,dc=forgerock,dc=org AUTHENTICATION-200 "cn=dsameuser,ou=DSAME Users,dc=openam,dc=forgerock,dc=org" "Not Available" LDAP 127.0.0.1
      

      Expected Behavior [in case of "User not found"] with proper message.

      "2016-10-21 15:27:37" "User not found" "Not Available" "*Test*" 127.0.0.1 INFO o=bns,ou=services,dc=openam,dc=forgerock,dc=org AUTHENTICATION-200 "cn=dsameuser,ou=DSAME Users,dc=openam,dc=forgerock,dc=org" "Not Available" LDAP 127.0.0.1
      

      In 13.x, when the new audit logging was introduced, none of the auth modules log the username in the failure case.
      In 11.0.x and 12.0.x, the LDAP auth module does not log the username when the user wasn't found.
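
      An added example, not part of the original issue or of OpenAM's code: a parser for the two records quoted above that counts failed-authentication entries carrying no username, grouped by client IP and module, which is the only attribution left when the username is missing. The field labels are assumptions inferred from position in those two records.

```python
import shlex
from collections import Counter

# Positional labels are assumptions inferred from the two records on this
# page; they are not taken from an OpenAM "#Fields" header.
FIELDS = ("time", "message", "f3", "user", "client_ip", "level", "realm",
          "message_id", "logged_by", "f10", "module", "host")
MISSING = "Not Available"
FAILED_ID = "AUTHENTICATION-200"  # message ID shown in both records on the page

# The two records quoted on the page: current behaviour, then expected.
SAMPLE = [
    '"2016-10-21 15:27:37" "Login Failed" "Not Available" "Not Available" '
    '127.0.0.1 INFO o=bns,ou=services,dc=openam,dc=forgerock,dc=org '
    'AUTHENTICATION-200 "cn=dsameuser,ou=DSAME Users,dc=openam,dc=forgerock,dc=org" '
    '"Not Available" LDAP 127.0.0.1',
    '"2016-10-21 15:27:37" "User not found" "Not Available" "*Test*" '
    '127.0.0.1 INFO o=bns,ou=services,dc=openam,dc=forgerock,dc=org '
    'AUTHENTICATION-200 "cn=dsameuser,ou=DSAME Users,dc=openam,dc=forgerock,dc=org" '
    '"Not Available" LDAP 127.0.0.1',
]


def parse_record(line):
    """Split one record into a dict; None for blank, comment or malformed lines."""
    if not line.strip() or line.startswith("#"):
        return None
    try:
        values = shlex.split(line)  # honours the double-quoted fields
    except ValueError:              # unbalanced quote in a truncated line
        return None
    if len(values) != len(FIELDS):
        return None
    return dict(zip(FIELDS, values))


def blind_failures(lines):
    """Count failed-auth records with no username, keyed by (client_ip, module)."""
    blind = Counter()
    for line in lines:
        rec = parse_record(line)
        if rec and rec["message_id"] == FAILED_ID and rec["user"] == MISSING:
            blind[(rec["client_ip"], rec["module"])] += 1
    return blind


if __name__ == "__main__":
    for key, count in blind_failures(SAMPLE).items():
        print(key, count)
```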

              People

              • Assignee:
                sachiko Sachiko Wallace
                Reporter:
                skarmakar sanjoy karmakar
                QA Assignee:
                Filip Kubáň [X] (Inactive)