diff options
author | Christina Fu <cfu@redhat.com> | 2015-05-07 12:14:19 -0700 |
---|---|---|
committer | Christina Fu <cfu@redhat.com> | 2015-05-13 09:05:38 -0700 |
commit | ccf2eb507471a9f19a1768befadeff404c96635e (patch) | |
tree | 98a40027631ce6c577558c563906f9a28ac49c25 /base/server/cmscore | |
parent | a21f3139a3fa2cecf7a0f782e2a40b83279a80fa (diff) | |
download | pki-ccf2eb507471a9f19a1768befadeff404c96635e.tar.gz pki-ccf2eb507471a9f19a1768befadeff404c96635e.tar.xz pki-ccf2eb507471a9f19a1768befadeff404c96635e.zip |
Ticket 1160 audit logging needed: REST API auth/authz; kra for getKeyInfo
- (1) REST API auth/authz - this patch addresses the first part of this
ticket where auditing is completely missing for authentication and
authorization at the REST interface.
Diffstat (limited to 'base/server/cmscore')
-rw-r--r-- | base/server/cmscore/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/base/server/cmscore/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java b/base/server/cmscore/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java index 573b736d4..998d7e261 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java +++ b/base/server/cmscore/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java @@ -168,6 +168,7 @@ public class CertUserDBAuthentication implements IAuthManager, ICertUserDBAuthen try { user = (User) mCULocator.locateUser(certs); } catch (EUsrGrpException e) { + CMS.debug("CertUserDBAuthentication: cannot map certificate to any user"); log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AGENT_AUTH_FAILED", x509Certs[0].getSerialNumber() .toString(16), x509Certs[0].getSubjectDN().toString(), e.toString())); throw new EInvalidCredentials(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL")); @@ -179,7 +180,7 @@ public class CertUserDBAuthentication implements IAuthManager, ICertUserDBAuthen // any unexpected error occurs like internal db down, // UGSubsystem only returns null for user. if (user == null) { - CMS.debug("Authentication: cannot map certificate to user"); + CMS.debug("CertUserDBAuthentication: cannot map certificate to any user"); log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AGENT_USER_NOT_FOUND")); throw new EInvalidCredentials(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL")); } |