Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-14298

Login unsuccessful authentication stack trace

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Minor
    • Resolution: Won't Fix
    • Component/s: _unsorted
    • Labels:
      None
    • Environment:
      solaris
    • Similar Issues:

      Description

      When a user try an unsuccessful authentication, I have an INFO stack trace in the jenkins log file
      Is it necessary to have this information in the jenkins log file?
      This increase the jenkins log file and I try to scan an check this file to detect jenkin critical errors.

      Jul 3, 2012 3:08:35 PM hudson.security.AuthenticationProcessingFilter2 onUnsuccessfulAuthentication
      INFO: Login attempt failed
      org.acegisecurity.BadCredentialsException: Failed to login as USER_A
      at hudson.security.HudsonPrivateSecurityRealm.authenticate(HudsonPrivateSecurityRealm.java:173)
      at hudson.security.HudsonPrivateSecurityRealm.authenticate(HudsonPrivateSecurityRealm.java:89)
      at hudson.security.AbstractPasswordBasedSecurityRealm$Authenticator.retrieveUser(AbstractPasswordBasedSecurityRealm.java:137)
      at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:119)
      at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195)
      at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45)
      at org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71)
      at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252)
      at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
      at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:63)
      at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
      at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
      at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
      at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
      at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
      at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
      at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:50)
      at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
      at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
      at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
      at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
      at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
      at winstone.RequestDispatcher.forward(RequestDispatcher.java:331)
      at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:215)
      at winstone.RequestHandlerThread.run(RequestHandlerThread.java:138)
      at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
      at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
      at java.util.concurrent.FutureTask.run(FutureTask.java:138)
      at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
      at java.lang.Thread.run(Thread.java:619)

        Attachments

          Activity

          Hide
          kohsuke Kohsuke Kawaguchi added a comment -

          Faied logins are important enough events in various OSes (Windows leaves an entry in event log, Unix records this in a file I forgot the name) that I think a INFO-level logging is justified.

          What I recommend you to do is to configure the java logging to suppress all INFO level logs. Exactly how you do this depends on how you run Jenkins.

          Perhaps it'd be useful to come up with some mechanism inside Jenkins to control the logging level of various loggers.

          Show
          kohsuke Kohsuke Kawaguchi added a comment - Faied logins are important enough events in various OSes (Windows leaves an entry in event log, Unix records this in a file I forgot the name) that I think a INFO-level logging is justified. What I recommend you to do is to configure the java logging to suppress all INFO level logs. Exactly how you do this depends on how you run Jenkins. Perhaps it'd be useful to come up with some mechanism inside Jenkins to control the logging level of various loggers.

            People

            Assignee:
            kohsuke Kohsuke Kawaguchi
            Reporter:
            erwan_q erwan_q
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: