[MAGNOLIA-3795] Audit logging does not log successful logins. Created: 10/Aug/11  Updated: 29/Aug/11  Resolved: 25/Aug/11

Status: Closed
Project: Magnolia
Component/s: security
Affects Version/s: 4.4.4
Fix Version/s: 4.4.5

Type: Improvement Priority: Major
Reporter: Danilo Ghirardelli Assignee: Magnolia International
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: Text File logPatch.patch    
Template:
Patch included:
Yes
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Date of First Response:

 Description   

The login filter logs only failed login attempt for any user, but does not log any successful login.
In the audit logging it is useful to know not only the failed attempts, but also the successful logins, to see when a user (not anonymous) logged in. The problem is that now the audit logging has only the logouts, so you can see when the user get out but not when he logged in.
Simple patch is included.



 Comments   
Comment by Magnolia International [ 10/Aug/11 ]

Thanks for the report Danilo! This was indeed caused by a commit for MAGNOLIA-3697. Will apply (slightly modified) patch.

Comment by Jan Haderka [ 16/Aug/11 ]

Change in AuditLoggingUtil deserves a test.

Comment by Magnolia International [ 25/Aug/11 ]

Done for now. Please re-validate the fix "manually". Adding tests for the LoginFilter would probably be a good idea if time permits.

Comment by Jan Haderka [ 25/Aug/11 ]

and trunk?

Comment by Magnolia International [ 25/Aug/11 ]

test added to trunk too.

Generated at Mon Feb 12 03:49:45 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.