-
Improvement
-
Resolution: Unresolved
-
Minor
-
None
-
Jenkins 2.176.2
active-directory:2.8
Connecting to active directory a failed login produces two stack traces in the logs. They are not required and just clutter the logs.
It should simply record the login failure. eg:
BadCredentialsException: Either no such user 'xxxxxxxx@mydomain.com' or incorrect password
Instead we get:
Aug 15, 2019 12:41:19 AM hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl bind
WARNING: Failed to authenticate while binding to btwn000265.corp.ads:3268
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090400, comment: AcceptSecurityContext error, data 52e, v1db1^@]
Aug 15, 2019 12:41:19 AM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider retrieveUser
WARNING: Credential exception trying to authenticate against corp.ads domain
org.acegisecurity.BadCredentialsException: Either no such user 'xxxxxxxx@mydomain.com' or incorrect password
Complete error attached.
I see ci_jenkinsci_org previously closed a similar issue JENKINS-14298 in 2013 as "Won't Fix", but would ask to revisit. Evidently, we have a lot of people in the org who can't type their passwords properly. What value is provided by the stack trace over the simple message in the log?
Agreed, this is very annoying. The stack trace should be under debug or something and a simple warning should be "Unable to login as....." should be in info.. INFO/WARN should never contain stacktraces, ERROR or DEBUG, yes, but not INFO/WARN.