echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Consistently log authentication failures for all interfaces

Browse Source
This commit is contained in:
zzz
2016-11-06 17:20:35 +00:00
parent 81bbf554e8
commit c9c29520b4
7 changed files with 74 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
apps/routerconsole/java/src/net/i2p/router/web/RouterConsoleRunner.java
View File

@ -48,6 +48,7 @@ import org.eclipse.jetty.server.AbstractConnector;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.NCSARequestLog;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.server.bio.SocketConnector;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.server.handler.DefaultHandler;
@ -848,7 +849,8 @@ public class RouterConsoleRunner implements RouterApp {
enable = false;
ctx.router().saveConfig(PROP_CONSOLE_PW, "false");
} else {
HashLoginService realm = new HashLoginService(JETTY_REALM);
HashLoginService realm = new CustomHashLoginService(JETTY_REALM, context.getContextPath(),
ctx.logManager().getLog(RouterConsoleRunner.class));
sec.setLoginService(realm);
sec.setAuthenticator(authenticator);
String[] role = new String[] {JETTY_ROLE};
@ -932,6 +934,30 @@ public class RouterConsoleRunner implements RouterApp {
context.setSecurityHandler(sec);
}
/**
* For logging authentication failures
* @since 0.9.28
*/
private static class CustomHashLoginService extends HashLoginService {
private final String _webapp;
private final net.i2p.util.Log _log;
public CustomHashLoginService(String realm, String webapp, net.i2p.util.Log log) {
super(realm);
_webapp = webapp;
_log = log;
}
@Override
public UserIdentity login(String username, Object credentials) {
UserIdentity rv = super.login(username, credentials);
if (rv == null)
//_log.logAlways(net.i2p.util.Log.WARN, "Console authentication failed, webapp: " + _webapp + ", user: " + username);
_log.logAlways(net.i2p.util.Log.WARN, "Console authentication failed, user: " + username);
return rv;
}
}
/** @since 0.8.8 */
private class ServerShutdown implements Runnable {
public void run() {