Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1510378 - [RFE] Access logs to clearly state whether the access was successful or not
Summary: [RFE] Access logs to clearly state whether the access was successful or not
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Logging
Version: 6.2.12
Hardware: All
OS: All
unspecified
high vote
Target Milestone: Unspecified
Assignee: satellite6-bugs
QA Contact: Katello QA List
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-11-07 09:51 UTC by Daniele
Modified: 2018-11-30 13:40 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-11-30 13:40:07 UTC


Attachments (Terms of Use)

Description Daniele 2017-11-07 09:51:16 UTC
Description of problem:
The access logs do not clearly show whether an access has been successful or not. The only difference between a failed and a successful attempt log is the redirect URL.


2017-11-07 04:33:49 6439f4d2 [app] [I] Started POST "/users/login" for 188.165.236.215 at 2017-11-07 04:33:49 -0500
2017-11-07 04:33:49 6439f4d2 [app] [I] Processing by UsersController#login as HTML
2017-11-07 04:33:49 6439f4d2 [app] [I] Parameters: {"utf8"=>"✓", "authenticity_token"=>"JXj1fJaHE/73qHOwTHDXT8AvV3omYP9traB29KWq9HU=", "login"=>{"login"=>"admin", "password"=>"[FILTERED]"}, "commit"=>"Accedi"}
2017-11-07 04:33:49 6439f4d2 [app] [I] Redirected to https://satellite.fcarrus.it/users/login
2017-11-07 04:33:49 6439f4d2 [app] [I] Completed 302 Found in 89ms (ActiveRecord: 50.9ms)
2017-11-07 04:33:49 7538cdef [app] [I] Started GET "/users/login" for 188.165.236.215 at 2017-11-07 04:33:49 -0500
2017-11-07 04:33:49 7538cdef [app] [I] Processing by UsersController#login as HTML
2017-11-07 04:33:49 7538cdef [app] [I] Rendered users/login.html.erb within layouts/login (1.7ms)
2017-11-07 04:33:49 7538cdef [app] [I] Rendered layouts/base.html.erb (1.1ms)
2017-11-07 04:33:49 7538cdef [app] [I] Completed 200 OK in 7ms (Views: 3.8ms | ActiveRecord: 0.5ms)
Version-Release number of selected component (if applicable):


How reproducible:
100%

Steps to Reproduce:
1. Execute a successful login
2. Execute a failed login
3. Compare logs

Actual results:
The only difference is the redirect URL

Expected results:
A line to clearly state whether the login was successful or not.

Additional info:

Comment 2 Marek Hulan 2018-11-30 13:40:07 UTC
In Satellite 6.4, following log was added

2018-11-30T08:36:20 [I|app|05446] User 'admin' logged in from '10.40.x.y'

In case of failed logging, one can find following message

2018-11-30T08:38:11 [W|app|0eb45] Failed login attempt from 10.40.x.y with username 'admin'

Note that I have obfuscated real IP address. I think we can close this as fixed in current release. Please reopen if there's something I missed.


Note You need to log in before you can comment on or make changes to this bug.