| << Back to previous view |
|
[QB-3949] Display User and IP address together in error notifications
|
|
| Status: | Resolved |
| Project: | QuickBuild |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 13.0.15, 8.0.49 |
| Type: | Improvement | Priority: | Major |
| Reporter: | Nguyen Duc Long | Assigned To: | Unassigned |
| Resolution: | Fixed | Votes: | 0 |
| Remaining Estimate: | Unknown | Time Spent: | Unknown |
| Original Estimate: | Unknown | ||
| Description |
|
Some of login failures are displaying user IP together.
``` com.pmease.quickbuild.web.MainServlet - Error authenticating user. om.pmease.quickbuild.AuthenticationException: Error authenticating user 'abc.cde' from ip 'xx.xx.xx.xx': User not found or password incorrect. ``` Please improve other failures, like below, to display user IP address together. ``` com.pmease.quickbuild.web.page.SignInPage - Error authenticating user. om.pmease.quickbuild.AuthenticationException: Error authenticating user 'abc.cde': User not found or password incorrect. ``` |
| Comments |
| Comment by Nguyen Duc Long [ 21/Apr/23 01:18 AM ] |
|
Hello Mr.Robin Shen,
Do you think it is reasonable to always display the user with IP in the Error log? I need that information to manage the user's login management. However, it does not display fully on QB8. Let me know your opinion. |
| Comment by Robin Shen [ 21/Apr/23 01:30 AM ] |
| Adding ip info to all errors can be tedious. Can you be specific on which type of errors you concerns about? |
| Comment by Nguyen Duc Long [ 21/Apr/23 02:12 AM ] |
| As I mentioned in the Description section, all login errors should be displayed IP. |
| Comment by Nguyen Duc Long [ 21/Apr/23 02:16 AM ] |
|
We have a shared account for some teams to use for some other services that can be automatically trigger build.
But one of them forgot to update the password when it was changed to lock the account due to wrong login too many times. We need this IP information to promptly process it, so IP should be displayed with an account in any case of error login. |
| Comment by Robin Shen [ 21/Apr/23 03:36 AM ] |
| QB 8.0.49 is now released to include ip info for these failed login attempts. |
| Comment by Nguyen Duc Long [ 21/Apr/23 03:58 AM ] |
|
I tried with QB8, Qb12, QB13. When I try to login on SignInPage, the only thing I received was "com.pmease.quickbuild.web.page.SignInPage - Error authenticating user.
om.pmease.quickbuild.AuthenticationException: Error authenticating user 'abc.cde': User not found or password incorrect." |
| Comment by Nguyen Duc Long [ 21/Apr/23 04:02 AM ] |
|
In SecurityHelper.java
if (ip != null) { throw new AuthenticationException("Error authenticating user '" + correctedUserName + "' from ip '" + ip + "': User not found or password incorrect."); } else { throw new AuthenticationException("Error authenticating user '" + correctedUserName + "': User not found or password incorrect."); } And in SignInPage.java User user = SecurityHelper.authenticate(userName, password, null); ==> Obviously IP has not been displayed in this case. |