[MXS-54] Write failed auth attempt to trace log Created: 2015-03-24 Updated: 2015-11-04 Resolved: 2015-11-04 |
|
| Status: | Closed |
| Project: | MariaDB MaxScale |
| Component/s: | Core |
| Affects Version/s: | 1.0.5 |
| Fix Version/s: | 1.1.0, 1.3.0 |
| Type: | Bug | Priority: | Major |
| Reporter: | Kolbe Kegel (Inactive) | Assignee: | markus makela |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Description |
|
Failed authentication attempts should be written to the MaxScale trace log. It may also be appropriate to write these to the error log. |
| Comments |
| Comment by Timofey Turenko [ 2015-04-28 ] |
|
error goes to error log now, closing |
| Comment by Will Fong [ 2015-10-29 ] |
|
Hi! Authentication errors should not go into the error log. These kinds of messages would be better as warnings, or even info level. Labeling them as errors will unnecessarily pollute the error log and could be a potential denial of service target (constant invalid logins will generate huge log files). If anything, can we label them as warnings, and have some sort of toggle setting (log_warnings)? Thanks, |
| Comment by markus makela [ 2015-11-02 ] |
|
Failed authentication messages are now sent to message log. |
| Comment by Johan Wikman [ 2015-11-03 ] |
|
Actually, it should be configurable whether failed authentication attempts are logged, and if so using what syslog facility and error level. There is some musing regarding this in https://mariadb.atlassian.net/browse/MXS-421 We need to separate errors that indicate failure in the functioning of maxscale and errors that relate to the usage of maxscale. |
| Comment by markus makela [ 2015-11-04 ] |
|
The printing of authentication warnings can now be controlled with the log_auth_warnings parameter. |