Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-14607

Provide a way to monitor login attempts

    Details

      Description

      Background

      In Nexus 2, I could add a specific logger to have login attempts (successful, and failed) shown in the 'nexus.log' by adding a DEBUG level logger for "org.sonatype.nexus.feeds.record.NexusAuthenticationEventInspector". The log would include  something like this:

      2017-10-13 09:35:25,359-0400 DEBUG [esh-1-thread-8] *UNKNOWN org.sonatype.nexus.feeds.record.NexusAuthenticationEventInspector - Unable to authenticate user [badid] from IP address 127.0.0.1

      I could not find a way to monitor similar login events in Nexus 3. The "Audit" UI didn't show such events, and neither did the Global Web Hooks. I saw some information logged when creating TRACE level loggers at: org.sonatype.nexus.security, and org.sonatype.nexus.internal.security; however this log info was not useful for the purpose of general tracking of login activity.

      Acceptance

      • After all realms have fired and the user was not authenticated, but there is a user ID, then log the following at INFO:
        • the userid
        • IP address
        • User Agent
      • Use a separate logger for these statements, so they can be controlled separately.

      e.g. INFO Failed authentication userid: {}, client: {}, user-agent: {}

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              drollo Dan Rollo
              Last Updated By:
              Michael Prescott Michael Prescott
              Votes:
              4 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Date of First Response:

                  tigCommentSecurity.panel-title