TITLE: Enhance Authentication failure error messages with client IP.
DESCRIPTION: updated the authentication failures trace and logger message with client IP address.
Logger::INFORMATION,
MessageLoaderParms(
BASIC_AUTHENTICATION_FAILED_KEY,
- BASIC_AUTHENTICATION_FAILED, badUserName));
+ BASIC_AUTHENTICATION_FAILED, badUserName,
+ authInfo->getIpAddress()));
PEG_METHOD_EXIT();
return false;
}
Logger::INFORMATION,
MessageLoaderParms(
BASIC_AUTHENTICATION_FAILED_KEY,
- BASIC_AUTHENTICATION_FAILED, userName));
+ BASIC_AUTHENTICATION_FAILED, userName,
+ authInfo->getIpAddress()));
}
#endif
static const char BASIC_AUTHENTICATION_FAILED_KEY [] =
"Security.Authentication.BasicAuthenticationHandler."
- "BASIC_AUTHENTICATION_FAILED";
+ "BASIC_AUTHENTICATION_FAILURE";
static const char BASIC_AUTHENTICATION_FAILED [] =
- "Authentication failed for user=$0.";
+ "Authentication failed for user $0 from client IP address $1.";
class PEGASUS_SECURITY_LINKAGE BasicAuthenticationHandler
: public Authenticator
Logger::STANDARD_LOG, System::CIMSERVER, Logger::INFORMATION,
MessageLoaderParms(
"Security.Authentication.LocalAuthenticationHandler."
- "LOCAL_AUTHENTICATION_FAILED",
- "Local Authentication failed for user $0.",
- userName));
+ "LOCAL_AUTHENTICATION_FAILURE",
+ "Local Authentication failed for user $0 from client "
+ "IP address $1.",userName,authInfo->getIpAddress()));
}
PEG_AUDIT_LOG(logLocalAuthentication(userName, authenticated));
}
else
{
- PEG_TRACE_CSTRING(
- TRC_HTTP,
- Tracer::LEVEL1,
- "HTTPAuthenticatorDelegator - Bailing, "
- "the certificate used for "
- "authentication is not valid.");
+ PEG_TRACE((TRC_HTTP,Tracer::LEVEL1,
+ "HTTPAuthenticatorDelegator- Bailing,the "
+ "certificate used for authentication "
+ "is not valid for client IP address "
+ "%s.",
+ (const char*)
+ httpMessage->ipAddress.getCString())
+ );
MessageLoaderParms msgParms(
"Pegasus.Server.HTTPAuthenticatorDelegator."
// up the deletion but we would pick it up here
// when we went to look it up in the repository
- PEG_TRACE_CSTRING(
- TRC_HTTP,
- Tracer::LEVEL1,
- "HTTPAuthenticatorDelegator - Bailing, the "
+ PEG_TRACE((TRC_HTTP,Tracer::LEVEL1,
+ "HTTPAuthenticatorDelegator- Bailing,the "
"certificate used for authentication is "
- "not valid.");
+ "not valid for client IP address %s.",
+ (const char*)
+ httpMessage->ipAddress.getCString()));
+
MessageLoaderParms msgParms(
"Pegasus.Server.HTTPAuthenticatorDelegator."
"BAD_CERTIFICATE",
if (certUserName == String::EMPTY)
{
+ PEG_TRACE((TRC_HTTP,Tracer::LEVEL1,
+ "HTTPAuthenticatorDelegator-No username is registered "
+ "to this certificate for client IP address %s.",
+ (const char*)httpMessage->ipAddress.getCString()));
+
MessageLoaderParms msgParms(
"Pegasus.Server.HTTPAuthenticatorDelegator."
"BAD_CERTIFICATE_USERNAME",
/**
* @note PGS17200:
* Substitution {0} is a user name (a string)
+ * This message is no longer used as of version 2.10.0
*/
Security.Authentication.BasicAuthenticationHandler.BASIC_AUTHENTICATION_FAILED:string {"PGS17200: Authentication failed for user {0}."}
*/
Security.Authentication.SecureBasicAuthenticator.APPLID_OMVSAPPL.PEGASUS_OS_ZOS:string {"PGS17204: CIM server authentication is using application ID OMVSAPPL."}
+ /**
+ * @note PGS17205:
+ * Substitution {0} is a user name (a string)
+ * Substitution {1} is a ip address(a string)
+ */
+ Security.Authentication.BasicAuthenticationHandler.BASIC_AUTHENTICATION_FAILURE:string {"PGS17205: Authentication failed for user {0} from client IP address {1}."}
+
// ==========================================================
// Messages for Security LocalAuthenticationHandler
// Please use message prefix "PGS17400"
/**
* @note PGS17401:
* Substitution {0} is a user name (a string)
+ * This message is no longer used as of version 2.10.0
*/
Security.Authentication.LocalAuthenticationHandler.LOCAL_AUTHENTICATION_FAILED:string {"PGS17401: Local Authentication failed for user {0}."}
+ /**
+ * @note PGS17402:
+ * Substitution {0} is a user name (a string)
+ * Substitution {1} is a ip address(a string)
+ */
+ Security.Authentication.LocalAuthenticationHandler.LOCAL_AUTHENTICATION_FAILURE:string {"PGS17402: Local Authentication failed for user {0} from client IP address {1}."}
+
// ==========================================================
// Messages for Security LocalAuthFile
// Please use message prefix "PGS17600"