You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@shiro.apache.org by ArturEdward <ar...@gmail.com> on 2009/03/19 14:25:06 UTC

Why login attempt with wrong credentials is logged as an ERROR?

Hi

I would like to ask what is the reason to log an error in the log file in
the case of failed authentication in the AbstractLdapRealm?
In our application, each ERROR is supposed to send an email to the admin
(Log4J SNMP Appender). Now, because of the jsecurity behavious, each
unsuccesfull login is triggering such an action.
Is there a way to change this behaviour (other than overriding the
'doGetAuthenticationInfo()' method?)


2009-03-19 12:31:12,475 [node1] [328603355@qtp0-50] [ERROR]
org.jsecurity.realm.ldap.AbstractLdapRealm  - LDAP naming error while
attempting to authenticate user.
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525,
vece^@]
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2985)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732)
        ...


Thanks, regards!
-- 
View this message in context: http://n2.nabble.com/Why-login-attempt-with-wrong-credentials-is-logged-as-an-ERROR--tp2502871p2502871.html
Sent from the JSecurity User mailing list archive at Nabble.com.

Re: Why login attempt with wrong credentials is logged as an ERROR?

Posted by Les Hazlewood <lh...@apache.org>.

Hi Artur,

Please open a Jira issue - it shouldn't be listed as an ERROR due to a
failed authentication.

Thanks!

Les

On Thu, Mar 19, 2009 at 9:25 AM, ArturEdward <ar...@gmail.com> wrote:

>
> Hi
>
> I would like to ask what is the reason to log an error in the log file in
> the case of failed authentication in the AbstractLdapRealm?
> In our application, each ERROR is supposed to send an email to the admin
> (Log4J SNMP Appender). Now, because of the jsecurity behavious, each
> unsuccesfull login is triggering such an action.
> Is there a way to change this behaviour (other than overriding the
> 'doGetAuthenticationInfo()' method?)
>
>
> 2009-03-19 12:31:12,475 [node1] [328603355@qtp0-50] [ERROR]
> org.jsecurity.realm.ldap.AbstractLdapRealm  - LDAP naming error while
> attempting to authenticate user.
> javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
> LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525,
> vece^@]
>        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2985)
>        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
>        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732)
>        ...
>
>
> Thanks, regards!
> --
> View this message in context:
> http://n2.nabble.com/Why-login-attempt-with-wrong-credentials-is-logged-as-an-ERROR--tp2502871p2502871.html
> Sent from the JSecurity User mailing list archive at Nabble.com.
>
>