powered by Jive Software

[Bugfix] Give username with login failed error

This patch modifies SaslServerPlainImpl.java to print the username of the user trying to log in when authentication fails.

2009.05.12 12:22:07 User Login Failed. PLAIN authentication failed

becomes:

2009.05.12 12:22:07 User Login Failed. PLAIN authentication failed for: username

This is probably only useful to people using ldap but it is really useful to me so I thought I would share.

Was having the same issue and found it was not a problem with the Spark client or the OpenFire server, it was an issue with the OU, there was a \ in the OU. Changed it to a dash and issue resolved.

Hi JackZ,

I like your idea, but have a general question about security of logging the failed username to file. Do you think it creates a threat by which somebody could attempt to log in with a malicious username just to get it written to the log for later exploit? I am probably off the reservation here?

daryl

Hi,

I created OF-58 and committed your change to trunk.

daryl