[OPENAM-9983] Username not printed in Audit log for Failed Authentication Created: 09/Nov/16 Updated: 04/May/17 Resolved: 21/Nov/16
|Component/s:||audit logging, authentication|
|Fix Version/s:||12.0.5, 13.5.1, 14.0.0|
|Reporter:||sanjoy karmakar||Assignee:||Sachiko Wallace|
|Remaining Estimate:||Not Specified|
|Time Spent:||Not Specified|
|Original Estimate:||Not Specified|
|Sprint:||AM Sustaining Sprint 31|
In amAuthentication.error [audit log] log of OpenAM, it does not log the UserID/LoginID if user is not found in the datastore. In other cases [invalid password/user locked] UserID/LoginID is being logged with proper message by OpenAM.
Current Behavior [ in case of "User not found"]
Expected Behavior [in case of "User not found"] with proper message.
In 13.x when new audit logging was introduced, non of the auth module will log username in failure case.
|Comment by Peter Major [X] (Inactive) [ 09/Nov/16 ]|
You should raise a support ticket on backstage.forgerock.com..
|Comment by sanjoy karmakar [ 09/Nov/16 ]|
Opened a Support ticket on this issue but was suggested to open an RFE.
|Comment by Phil Ostler [X] (Inactive) [ 17/Nov/16 ]|
Commit has been reverted due to failing functional tests. See PR https://stash.forgerock.org/projects/TEMPER/repos/temper/pull-requests/939/overview
Authenticate end-point was returning 500 upon attempting to address a chain that does not exist.
|Comment by Filip Kubáň [X] (Inactive) [ 04/May/17 ]|
Verified on OpenAM 13.5.1-RC2 Build 149fc42dac (2017-April-20 08:29)
username is visible in csv audit log for failed auth (see below)