Failed Login Auditing

I know Openfire logs failed login attempts to the “Info” log, but is there anyway to audit the name of the failed logon account name?

Thus insted of “User Login Failed. PLAIN authentication failed” being listed in the log, there would be a name attached to it.

Thanks

There is already logging of usernames for SASL logins in 3.7.0 beta (OF-58). Do you want it to extend or is it meeting your needs?

How is this implimeted in 3.6.4? This is running in a production and we dont plan to upgrade until the final stable release is out.

Well, there is a patch atached. You can check out 3.6.4 source code, apply the patch, compile Openfire and get updated libraries. Maybe openfire.jar would be enough. Though maybe this patch relies on new logging system introduced in 3.7.0. Anyway, this doesn’t look like a pretty way for production environment. So maybe you should wait for 3.7.0. Can’t tell when it may come out.

Yea. I’m going to wait. Thanks for the help!