From 0a1e3ed097aa72ead2487b93df3559f277a402b9 Mon Sep 17 00:00:00 2001
From: Edwin Kempin <edwin.kempin@sap.com>
Date: Fri, 22 Jun 2012 15:58:44 +0200
Subject: [PATCH] Log sign in failures on info level

If for a user signing in into the Gerrit WebUI fails, this can have
many reasons, e.g. username is wrong, password is wrong, user is marked
as inactive, user is locked in the user backend etc. In all cases the
user just gets a generic error message 'Incorrect username or
password.'. Gerrit administrators have trouble to find the exact reason
for the sign in problem because the corresponding AccountException is
not logged.

With this change a log message on info level is written if the sign in
fails with an AccountException. This enables Gerrit administrators to
find out the reason for sign in failures.

Change-Id: I723e9d1813b7bb1c453349356ff373b3df64045b
Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>
---
 .../gerrit/httpd/auth/ldap/UserPassAuthServiceImpl.java    | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/ldap/UserPassAuthServiceImpl.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/ldap/UserPassAuthServiceImpl.java
index bf49eece74..348ecbb9b2 100644
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/ldap/UserPassAuthServiceImpl.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/ldap/UserPassAuthServiceImpl.java
@@ -30,11 +30,17 @@ import com.google.gwtjsonrpc.common.AsyncCallback;
 import com.google.inject.Inject;
 import com.google.inject.Provider;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 class UserPassAuthServiceImpl implements UserPassAuthService {
   private final Provider<WebSession> webSession;
   private final AccountManager accountManager;
   private final AuthType authType;
 
+  private static final Logger log = LoggerFactory
+      .getLogger(UserPassAuthServiceImpl.class);
+
   @Inject
   UserPassAuthServiceImpl(final Provider<WebSession> webSession,
       final AccountManager accountManager, final AuthConfig authConfig) {
@@ -73,6 +79,7 @@ class UserPassAuthServiceImpl implements UserPassAuthService {
       callback.onSuccess(result);
       return;
     } catch (AccountException e) {
+      log.info(String.format("'%s' failed to sign in: %s", username, e.getMessage()));
       result.setError(LoginResult.Error.INVALID_LOGIN);
       callback.onSuccess(result);
       return;