Announcement Announcement Module
Collapse
No announcement yet.
Authentication exceptions are not logged Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Authentication exceptions are not logged

    Hi,
    I have a webapp secured with Spring Security 3, with a simple LDAP authentication. My spring_security.xml is very simple :
    Code:
        <sec:http>
            <sec:intercept-url pattern="/**" access="ROLE_ADMIN" />
            <sec:http-basic />
        </sec:http>
    	
    	<sec:ldap-server url="${prop.ldap.url}"
    					manager-dn="${prop.ldap.managerDn}"
                        manager-password="${prop.ldap.managerPwd}" />
    
    	<sec:authentication-manager>
    	        <sec:ldap-authentication-provider  
    	        		user-search-filter="${prop.ldap.authn.userSearchFilter}"
    	        		user-search-base="${prop.ldap.authn.userSearchBase}"
    	        		group-search-filter="${prop.ldap.authz.groupSearchFilter}"
    	        		group-search-base="${prop.ldap.authz.groupSearchBase}"
    	        		group-role-attribute="${prop.ldap.authz.groupRoleAttribute}" />
    	</sec:authentication-manager>
    It works well, and I have errors 401 and 403 as I expect (when the user is unknown, the password is wrong, or the user has no rights, etc...).
    But, in this cases, the 401 and 403 errors (authentication exceptions) are not logged in my log files on the server, despite the fact that I have this log4j.xml conf :
    Code:
    	<!-- file appender -->
    	<appender name="logfile" class="org.apache.log4j.RollingFileAppender">
    		<param name="File" value="${catalina.home}/logs/ctrl.log" />
    		<param name="MaxFileSize" value="10MB" />
    		<param name="MaxBackupIndex" value="10" />
    		<layout class="org.apache.log4j.PatternLayout">
    			<param name="ConversionPattern" value="%d %5p [%C{1}.%M] - %m%n" />
    		</layout>
    	</appender>
    
    	<!-- my webapp category -->
    	<category name="fr.faceo.ws.ctrl">
    		<priority value="INFO"/>
    		<appender-ref ref="logfile"/>
    	</category>
    
    	<category name="org.apache">
    		<priority value="ERROR"/>
    		<appender-ref ref="logfile"/>
    	</category>
    	<category name="org.springframework">
    		<priority value="INFO"/>
    		<appender-ref ref="logfile"/>
    	</category>
    But there is no trace for the authentication errors in my log file.
    Is there something elese to do to have this errors properly logged ?

    Thanks
    Mathieu

  • #2
    Try changing your log settings to DEBUG. I suspect they should show then. If they do, you probably want to tune the log4j configuration to debug only the exceptions you're interested in.

    Comment

    Working...
    X