Details
- Type: Story
- Status: Done
- Priority: Major
- Resolution: Done
- Affects Version/s: 3.6.0
- Fix Version/s: 3.22.0
Description
Background
In Nexus 2, I could add a specific logger to have login attempts (successful and failed) shown in the 'nexus.log' by adding a DEBUG level logger for "org.sonatype.nexus.feeds.record.NexusAuthenticationEventInspector". The log would include something like this:
2017-10-13 09:35:25,359-0400 DEBUG [esh-1-thread-8] *UNKNOWN org.sonatype.nexus.feeds.record.NexusAuthenticationEventInspector - Unable to authenticate user [badid] from IP address 127.0.0.1
I could not find a way to monitor similar login events in Nexus 3. The "Audit" UI didn't show such events, and neither did the Global Web Hooks. I saw some information logged when creating TRACE level loggers at org.sonatype.nexus.security and org.sonatype.nexus.internal.security; however, this log info was not useful for the purpose of general tracking of login activity.
Acceptance
- After all realms have fired and the user was not authenticated, but there is a user ID, then log the following at INFO:
  - the userid
  - IP address
  - User Agent
- Use a separate logger for these statements, so they can be controlled separately.
e.g. INFO Failed authentication userid: {}, client: {}, user-agent: {}
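
An added example, not part of the original issue and not Nexus code: a small detector run over log lines in the message format proposed under Acceptance, flagging client addresses with repeated failures or with failures across many userids. The line prefix layout (taken from the Nexus 2 line quoted above), the logger name `example.auth.failures`, the thresholds and all sample lines are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumption: the line prefix follows the Nexus 2 line quoted in the issue; the
# message is the format proposed under Acceptance. Level, thread and logger
# name are skipped because the issue does not specify them.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d,\d{3}[+-]\d{4}) .*?"
    r"Failed authentication userid: (?P<user>.*?), client: (?P<client>\S+), "
    r"user-agent: (?P<agent>.*)$")

def parse(line):
    """Return (timestamp, userid, client, user_agent), or None if no match."""
    m = LINE_RE.match(line.rstrip("\n"))
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S,%f%z")
    return ts, m["user"], m["client"], m["agent"]

def flag_clients(lines, window=timedelta(minutes=5), max_failures=5, max_users=3):
    """Map client address -> reason, for clients over a threshold in one window.
    Expects chronological input. userid and user-agent are client-supplied,
    so counting is keyed on the client address."""
    recent = defaultdict(deque)            # client -> (timestamp, userid) pairs
    flagged = {}
    for rec in filter(None, map(parse, lines)):
        ts, user, client, _agent = rec
        q = recent[client]
        q.append((ts, user))
        while ts - q[0][0] > window:       # drop entries older than the window
            q.popleft()
        if len({u for _, u in q}) >= max_users:
            flagged[client] = "many-userids"          # one source, many accounts
        elif len(q) >= max_failures:
            flagged.setdefault(client, "repeated-failures")
    return flagged

def _line(hms, user, client, agent="curl/7.58.0"):
    # Constructed sample line; "example.auth.failures" is a hypothetical logger name.
    return (f"2019-01-01 {hms},000+0000 INFO [qtp-1] *UNKNOWN example.auth.failures - "
            f"Failed authentication userid: {user}, client: {client}, user-agent: {agent}")

SAMPLE = (
    [_line(f"10:00:{s:02d}", "admin", "192.0.2.10") for s in range(0, 50, 10)]
    + [_line(f"10:01:0{i}", u, "198.51.100.7") for i, u in enumerate(["alice", "bob", "carol"])]
    + [_line("10:02:00", "dave", "203.0.113.5", "Apache-Maven/3.6.0 (Java 1.8.0)")]
    + ["2019-01-01 10:03:00,000+0000 INFO [qtp-2] *UNKNOWN example.other - unrelated"])

if __name__ == "__main__":
    print(flag_clients(SAMPLE))
```

Because the acceptance criteria put these statements on a separate logger, a detector like this can read only that logger's output instead of filtering the whole `nexus.log`.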
Issue Links
- is superseded by: NEXUS-19736 add audit event for invalid credentials for repository requests (Closed)