From f3b952d01e489e229aa0c991c755a4866b7eeb03 Mon Sep 17 00:00:00 2001 From: vivek-opsmx Date: Thu, 7 Dec 2023 19:00:56 +0530 Subject: [PATCH 1/2] Tcb Logs for successful, failure and locked logins. --- .../spinnaker/gate/audit/AuthenticationAuditListener.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java index 3bf753bed6..2585eddc9f 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java @@ -49,6 +49,7 @@ public void onApplicationEvent(AbstractAuthenticationEvent event) { if (event.getAuthentication().isAuthenticated() && event instanceof InteractiveAuthenticationSuccessEvent) { log.debug("publishEvent InteractiveAuthenticationSuccessEvent"); + log.info("Login: User '"+event.getAuthentication().getName()+"' logged in successfully."); handleAuthenticationEvent(event, AuditEventType.AUTHENTICATION_SUCCESSFUL_AUDIT); return; } @@ -60,6 +61,7 @@ public void onApplicationEvent(AbstractAuthenticationEvent event) { } else if (!event.getAuthentication().isAuthenticated() && event instanceof AbstractAuthenticationFailureEvent) { log.debug("publishEvent AbstractAuthenticationFailureEvent"); + log.info("Login : User '"+event.getAuthentication().getName()+"' login failed due to incorrect credentials."); auditHandler.publishEvent(AuditEventType.AUTHENTICATION_FAILURE_AUDIT, event); } else if (event instanceof LogoutSuccessEvent) { if (event @@ -68,10 +70,12 @@ public void onApplicationEvent(AbstractAuthenticationEvent event) { .getName() .equals("org.springframework.security.providers.ExpiringUsernameAuthenticationToken")) { log.debug("publishEvent LogoutSuccessEvent with ExpiringUsernameAuthenticationToken"); + log.info("Logout : User '"+event.getAuthentication().getName()+"' logged out."); handleAuthenticationEvent(event, AuditEventType.SUCCESSFUL_USER_LOGOUT_AUDIT); return; } log.debug("publishEvent LogoutSuccessEvent"); + log.info("Logout : User '"+event.getAuthentication().getName()+"' logged out manually."); auditHandler.publishEvent(AuditEventType.SUCCESSFUL_USER_LOGOUT_AUDIT, event); } From e692f378a140c8cfd2f925df55dac4a676ce5565 Mon Sep 17 00:00:00 2001 From: vivek-opsmx Date: Mon, 11 Dec 2023 10:06:36 +0530 Subject: [PATCH 2/2] used placeholders instead of concatenation in Log message's --- .../spinnaker/gate/audit/AuthenticationAuditListener.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java index 2585eddc9f..f94f4ec734 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java @@ -49,7 +49,7 @@ public void onApplicationEvent(AbstractAuthenticationEvent event) { if (event.getAuthentication().isAuthenticated() && event instanceof InteractiveAuthenticationSuccessEvent) { log.debug("publishEvent InteractiveAuthenticationSuccessEvent"); - log.info("Login: User '"+event.getAuthentication().getName()+"' logged in successfully."); + log.info("Login: User '{}' logged in successfully.",event.getAuthentication().getName()); handleAuthenticationEvent(event, AuditEventType.AUTHENTICATION_SUCCESSFUL_AUDIT); return; } @@ -61,7 +61,7 @@ public void onApplicationEvent(AbstractAuthenticationEvent event) { } else if (!event.getAuthentication().isAuthenticated() && event instanceof AbstractAuthenticationFailureEvent) { log.debug("publishEvent AbstractAuthenticationFailureEvent"); - log.info("Login : User '"+event.getAuthentication().getName()+"' login failed due to incorrect credentials."); + log.info("Login : User '{}' login failed due to incorrect credentials.",event.getAuthentication().getName()); auditHandler.publishEvent(AuditEventType.AUTHENTICATION_FAILURE_AUDIT, event); } else if (event instanceof LogoutSuccessEvent) { if (event @@ -70,12 +70,12 @@ public void onApplicationEvent(AbstractAuthenticationEvent event) { .getName() .equals("org.springframework.security.providers.ExpiringUsernameAuthenticationToken")) { log.debug("publishEvent LogoutSuccessEvent with ExpiringUsernameAuthenticationToken"); - log.info("Logout : User '"+event.getAuthentication().getName()+"' logged out."); + log.info("Logout : User '{}' logged out.",event.getAuthentication().getName()); handleAuthenticationEvent(event, AuditEventType.SUCCESSFUL_USER_LOGOUT_AUDIT); return; } log.debug("publishEvent LogoutSuccessEvent"); - log.info("Logout : User '"+event.getAuthentication().getName()+"' logged out manually."); + log.info("Logout : User '{}' logged out manually.",event.getAuthentication().getName()); auditHandler.publishEvent(AuditEventType.SUCCESSFUL_USER_LOGOUT_AUDIT, event); }