[OPENAM-10219] Failure reason not printed in audit log for "Locked out" case Created: 14/Dec/16  Updated: 20/Dec/16  Resolved: 20/Dec/16

Status: Resolved
Project: OpenAM
Component/s: audit logging
Affects Version/s: 12.0.2
Fix Version/s: 12.0.5

Type: Improvement Priority: Major
Reporter: Sachiko Wallace Assignee: Sachiko Wallace
Resolution: Fixed Votes: 0
Labels: EDISON
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Target Version/s:
Sprint: AM Sustaining Sprint 32
Support Ticket IDs:

 Description   

This is more for 12.0.x since OPENAM-10056 has fixed the reasons to be printed in audit log for 13.5.x or 14.x.

Test steps,
1. Enable account lock feature
2. Fail to login for pre-configured lock time until user is locked out.
2. Execute the REST call to authenticate the locked user with correct credentials.
3. Rest response is "User Account is locked"
4. But audit log writes "Login Failed" generic message.

12.0.x

"2016-12-14 14:19:15"	"Login Failed"	127.0.0.1	"cn=dsameuser,ou=DSAME Users,dc=openam,dc=forgerock,dc=org"	testuser02	"Not Available"	DataStore	"Not Available"	dc=openam,dc=forgerock,dc=org	INFO	127.0.0.1	AUTHENTICATION-200	

13.5.x and 14.x

"684253cd-8fa8-4cf8-ba44-10ecd48fae7a-1611","2016-12-15T19:22:40.128Z","AM-LOGIN-COMPLETED","684253cd-8fa8-4cf8-ba44-10ecd48fae7a-1607","id=locktest01,ou=user,o=testrealm02,ou=services,dc=openam,dc=forgerock,dc=org","[""46569d61847b618201""]","FAILED","[""locktest01""]",,"[{""moduleId"":""DataStore"",""info"":{""failureReason"":""LOCKED_OUT"",""ipAddress"":""127.0.0.1"",""authLevel"":""0""}}]","Authentication","/testrealm02"

Generated at Wed Nov 25 08:56:07 UTC 2020 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.