Merge branch '515-explicit-logging-of-successful-and-unsuccessful-logins' into 'devel_12.1.x'

Resolve "explicit logging of successful and unsuccessful logins" See merge request !404

Merge branch '515-explicit-logging-of-successful-and-unsuccessful-logins' into 'devel_12.1.x'
Resolve "explicit logging of successful and unsuccessful logins" See merge request !404
19d4f8f3 · Piotr Gawron · 7d48f99b · c0caf224 · 19d4f8f3 · 19d4f8f3
Commit 19d4f8f3 authored 6 years ago by Piotr Gawron
--- a/rest-api/src/main/java/lcsb/mapviewer/api/users/UserController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/users/UserController.java
@@ -35,6 +35,7 @@ import lcsb.mapviewer.api.BaseController;
 import lcsb.mapviewer.api.ObjectNotFoundException;
 import lcsb.mapviewer.api.QueryException;
 import lcsb.mapviewer.common.Configuration;
+import lcsb.mapviewer.model.user.User;
 import lcsb.mapviewer.services.SecurityException;
 import lcsb.mapviewer.services.interfaces.IUserService;

@@ -73,6 +74,20 @@ public class UserController extends BaseController {

      Map<String, Object> result = new TreeMap<>();

+      User user = userService.getUserByToken(request.getSession().getId());
+      if (user == null) {
+        logger.fatal("Inconsistent state. User doesn't exist");
+      } else {
+        if (!user.getLogin().equals(Configuration.ANONYMOUS_LOGIN)) {
+          String method;
+          if (user.isConnectedToLdap()) {
+            method = "LDAP";
+          } else {
+            method = "LOCAL";
+          }
+          logger.debug("User " + login + " successfully logged in using " + method + " authentication method");
+        }
+      }
      result.put("info", "Login successful. TOKEN returned as a cookie");
      return result;
    } catch (AuthenticationException e) {

--- a/service/src/main/java/lcsb/mapviewer/services/impl/LdapService.java
+++ b/service/src/main/java/lcsb/mapviewer/services/impl/LdapService.java
@@ -87,8 +87,10 @@ public class LdapService implements ILdapService {
    if (user != null) {
      try {
        BindResult result = connection.bind(user.getBindDn(), password);
+        logger.debug("LDAP login status for user " + login + ": " + result.toString());
        return result.getResultCode().equals(ResultCode.SUCCESS);
      } catch (Exception e) {
+        logger.debug("LDAP login for user " + login + " failed", e);
        return false;
      }
    }
@@ -190,11 +192,11 @@ public class LdapService implements ILdapService {
  private Filter createObjectClassFilter() throws LDAPException {
    String objectClass = configurationService.getConfigurationValue(ConfigurationElementType.LDAP_OBJECT_CLASS);

-    if (objectClass == null || objectClass.trim().isEmpty() || objectClass .equals( "*")) {
+    if (objectClass == null || objectClass.trim().isEmpty() || objectClass.equals("*")) {
      return Filter.create("objectClass=*");
    }

-    return  Filter.createEqualityFilter("objectClass", objectClass);
+    return Filter.createEqualityFilter("objectClass", objectClass);
  }

  private Filter createAttributeFilter() throws LDAPException {
@@ -208,7 +210,7 @@ public class LdapService implements ILdapService {
  }

  private Filter createLoginFilter(String login) {
-    return  Filter.createEqualityFilter("uid", login);
+    return Filter.createEqualityFilter("uid", login);
  }

  public IConfigurationService getConfigurationService() {