[OPENAM-10056] Failure reason was not printed in audit log for "User Not Found" case
Created: 22/Nov/16  Updated: 10/Jul/17  Resolved: 07/Dec/16

Status: Resolved
Project: OpenAM
Component/s: audit logging, authentication
Affects Version/s: 12.0.2, 12.0.4, 13.0.0, 13.5.0
Fix Version/s: 12.0.5, 13.5.1, 14.0.0

Type: Bug Priority: Major
Reporter: Sachiko Wallace Assignee: Sachiko Wallace
Resolution: Fixed Votes: 0
Labels: EDISON
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Relates
is related to OPENAM-9983 Username not printed in Audit log for... Resolved
Target Version/s:
Sprint: AM Sustaining Sprint 31, AM Sustaining Sprint 32
Story Points: 2
QA Assignee: Filip Kubáň [X] (Inactive)
Verified Version/s:

 Description   

In the amAuthentication.error/authentication.csv log of OpenAM, the failure reason is not logged if the user is not found in the LDAP and DataStore auth modules. In the InvalidPassword error case, failureReason is printed as below:

"08fd97ad-cfd7-4ff6-bcaa-4bdcb4adbb61-59127","2016-11-21T21:18:02.529Z","AM-LOGIN-COMPLETED","08fd97ad-cfd7-4ff6-bcaa-4bdcb4adbb61-59123","id=demo,ou=user,dc=openam,dc=forgerock,dc=org","[""7838d201be3feae201""]","FAILED","[""demo""]",,"[{""moduleId"":""LDAP"",""info"":{""authLevel"":""0"",{color:red}*""failureReason"":""INVALID_PASSWORD""*{color},""authIndex"":""module_instance"",""ipAddress"":""127.0.0.1""}}]","Authentication","/"

Current behavior when the user is not found:

"08fd97ad-cfd7-4ff6-bcaa-4bdcb4adbb61-59138","2016-11-21T22:04:09.601Z","AM-LOGIN-MODULE-COMPLETED","08fd97ad-cfd7-4ff6-bcaa-4bdcb4adbb61-59135","",,"FAILED","[""testtesttest""]",,"[{""moduleId"":""LDAP"",""info"":{""authControlFlag"":""REQUIRED"",""authLevel"":""0"",""moduleClass"":""LDAP"",""authIndex"":""module_instance"",""ipAddress"":""127.0.0.1""}}]","Authentication","/"

This is related to OPENAM-9983.



 Comments   
Comment by Filip Kubáň [X] (Inactive) [ 04/May/17 ]

Verified on OpenAM 13.5.1-RC2 Build 149fc42dac (2017-April-20 08:29)

The user-not-found failure reason is printed as expected (see below).

"885bdf70-fb07-445d-84a2-adab683dc013-67321","2017-05-04T07:57:50.367Z","AM-LOGIN-MODULE-COMPLETED","885bdf70-fb07-445d-84a2-adab683dc013-67319",,"[""66eaec406fa61df801""]","FAILED","[""nothere""]",,"[{""moduleId"":""DataStore"",""info"":{""authControlFlag"":""REQUIRED"",""moduleClass"":""DataStore"",""failureReason"":""USERID_NOT_FOUND"",""ipAddress"":""172.25.1.71"",""authLevel"":""0""}}]","Authentication","/"
"885bdf70-fb07-445d-84a2-adab683dc013-67323","2017-05-04T07:57:50.370Z","AM-LOGIN-COMPLETED","885bdf70-fb07-445d-84a2-adab683dc013-67319",,"[""66eaec406fa61df801""]","FAILED","[""nothere""]",,"[{""moduleId"":""DataStore"",""info"":{""failureReason"":""LOGIN_FAILED"",""ipAddress"":""172.25.1.71"",""authLevel"":""0""}}]","Authentication","/"