[Bug] Suppress Redundant AuthenticationFailed Error+Warn #1523

Closed
milesflo opened this issue Sep 10, 2020 · 1 comment
Labels: bug, TheHive4

Suppress Redundant Error Message on Authentication Failed

Request Type

Bug

Work Environment

| Question | Answer |
|---|---|
| TheHive version | thehiveproject/thehive4:latest |
| Package Type | Docker |

Problem Description

When login fails, 2 separate error messages are fired off:
1:

[error] o.t.t.s.TOTPAuthSrv [00000190|0773abb5] Authentication failure
org.thp.scalligraph.AuthenticationError: Operation not supported
 at org.thp.scalligraph.auth.AuthSrv.authenticate(AuthSrv.scala:55)
 at org.thp.scalligraph.auth.AuthSrv.authenticate$(AuthSrv.scala:52)
 at org.thp.scalligraph.auth.KeyAuthSrv.authenticate(KeyAuthSrv.scala:11)
 at org.thp.scalligraph.auth.MultiAuthSrv.$anonfun$authenticate$1(MultiAuthSrv.scala:71)
 at org.thp.scalligraph.auth.MultiAuthSrv$$anonfun$$nestedInanonfun$forAllAuthProvider$1$1.applyOrElse(MultiAuthSrv.scala:59)
 at org.thp.scalligraph.auth.MultiAuthSrv$$anonfun$$nestedInanonfun$forAllAuthProvider$1$1.applyOrElse(MultiAuthSrv.scala:57)
 at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:38)
 at scala.util.Failure.recoverWith(Try.scala:236)
 at org.thp.scalligraph.auth.MultiAuthSrv.$anonfun$forAllAuthProvider$1(MultiAuthSrv.scala:57)
 at scala.collection.LinearSeqOptimized.foldLeft(LinearSeqOptimized.scala:126)

2:

[warn] o.t.s.ErrorHandler [00000190|] POST /api/login returned 401: Authentication failure

Authentication failure should not be classified as an error, and will FP on logging platforms. Please suppress for log sanitation.

Steps to Reproduce

  1. Spin up TH4
  2. Go to login splash page
  3. Log in with bad credentials
  4. Observe error message

Possible Solutions

I believe the offending line is here:

case None => Future.failed(AuthenticationError("Authentication failure"))

If I'm reading this right, if password authentication fails it will go on to test key-based authentication, and fail there.
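
For log pipelines that have to live with this output, a log-side workaround is sketched below as an added example (not part of the original issue and not TheHive code): it folds the stack trace into its record and collapses the error/warn pair of one rejected login into a single `login_failed` event, so error-level alerting stays quiet while failed logins remain countable. It assumes the first bracketed field (`00000190` above) is shared by all lines of one request; the function names and the last sample line are constructed.

```python
import re
from collections import defaultdict

# Header layout copied from the two lines quoted in the issue:
#   [level] logger [id|suffix] message
HEADER = re.compile(
    r"^\[(?P<level>\w+)\] (?P<logger>\S+) \[(?P<req>[0-9a-fA-F]+)\|[^\]]*\] (?P<msg>.*)$")
LOGIN_401 = re.compile(r"^POST /api/login returned 401\b")

# Constructed sample: the issue's lines (trace shortened) plus one invented unrelated error.
SAMPLE = [
    "[error] o.t.t.s.TOTPAuthSrv [00000190|0773abb5] Authentication failure",
    "org.thp.scalligraph.AuthenticationError: Operation not supported",
    " at org.thp.scalligraph.auth.AuthSrv.authenticate(AuthSrv.scala:55)",
    "[warn] o.t.s.ErrorHandler [00000190|] POST /api/login returned 401: Authentication failure",
    "[error] example.Logger [00000191|] constructed unrelated failure",
]

def parse_records(lines):
    """Fold stack-trace continuation lines into the record they follow."""
    records = []
    for line in lines:
        m = HEADER.match(line)
        if m:
            records.append({**m.groupdict(), "trace": []})
        elif records and line.strip():
            records[-1]["trace"].append(line.strip())
    return records

def collapse_auth_failures(records):
    """Return (events, remaining): one login_failed event per rejected login."""
    by_req = defaultdict(list)
    for rec in records:
        by_req[rec["req"]].append(rec)
    events, remaining = [], []
    for req, group in by_req.items():
        # Only collapse when the 401 on /api/login is present; an
        # "Authentication failure" error without it stays visible as an error.
        rejected = any(LOGIN_401.match(r["msg"]) for r in group)
        absorbed = 0
        for rec in group:
            noise = rec["msg"].startswith("Authentication failure") or LOGIN_401.match(rec["msg"])
            if rejected and noise:
                absorbed += 1
            else:
                remaining.append(rec)
        if rejected:
            events.append({"req": req, "event": "login_failed", "absorbed": absorbed})
    return events, remaining

if __name__ == "__main__":
    print(collapse_auth_failures(parse_records(SAMPLE)))
```
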

milesflo commented Nov 4, 2020

Thanks guys!
