Uploaded image for project: 'Corda'
  1. CORDA-2621

Maybe tone down the level of panic when somebody types their SSH password in incorrectly...

    Details

    • Type: Bug
    • Status: Done (View workflow)
    • Priority: Medium
    • Resolution: Done
    • Affects versions: Corda 4
    • Fix versions: Corda 4.1
    • Components: None
    • Labels:
      None
    • Severity:
      Medium
    • Target Version/s:
    • Feature Team:
      Corda Core
    • Sprint:

      Description

      If I try to log into a C4 node using SSH and enter the wrong password, etc., this is logged:

      [ERROR] 2019-02-17T14:25:43,703Z [Thread-4 (activemq-netty-threads)] artemis.Bro
      kerJaasLoginModule.login - Login failed: org.apache.shiro.authc.IncorrectCredent
      ialsException: Submitted credentials for token [org.apache.shiro.authc.UsernameP
      asswordToken - user1, rememberMe=false] did not match the expected credentials.
      [errorCode=heaxee, moreInformationAt=https://errors.corda.net/OS/4.0-RC05/heaxee
      ]
      javax.security.auth.login.FailedLoginException: org.apache.shiro.authc.Incorrect
      CredentialsException: Submitted credentials for token [org.apache.shiro.authc.Us
      ernamePasswordToken - user1, rememberMe=false] did not match the expected creden
      tials.
      at net.corda.node.internal.security.RPCSecurityManagerImpl.authenticate(
      RPCSecurityManagerImpl.kt:55) ~[corda-node-4.0-RC05.jar:?]
      at net.corda.node.internal.security.RPCSecurityManagerWithAdditionalUser
      .authenticate(RPCSecurityManagerWithAdditionalUser.kt:23) ~[corda-node-4.0-RC05.
      jar:?]
      at net.corda.node.internal.artemis.BrokerJaasLoginModule.authenticateAnd
      Authorise(BrokerJaasLoginModule.kt:147) ~[corda-node-4.0-RC05.jar:?]
      at net.corda.node.internal.artemis.BrokerJaasLoginModule.login(BrokerJaa
      sLoginModule.kt:99) ~[corda-node-4.0-RC05.jar:?]
      at sun.reflect.GeneratedMethodAccessor256.invoke(Unknown Source) ~[?:?]
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
      sorImpl.java:43) ~[?:1.8.0_171]
      at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_171]
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
      ~[?:1.8.0_171]
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:1
      95) ~[?:1.8.0_171]
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) ~[?:1.8.0_171]
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) ~[?:1.8.0_171]
      at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_171]
      at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) ~[?:1.8.0_171]
      at javax.security.auth.login.LoginContext.login(LoginContext.java:587) ~[?:1.8.0_171]
      at org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager.getAuthenticatedSubject(ActiveMQJAASSecurityManager.java:187) ~[artemis-server-2.6.2.jar:2.6.2]

      <another billion lines elided>

      ERROR? Really? Do we need the stack trace?

      Also - we print this IN RED to the console:

      [ERROR] 14:25:43+0000 [Thread-4 (activemq-netty-threads)] artemis.BrokerJaasLoginModule.login - Login failed: org.apache.shiro.authc.IncorrectCredentialsException: Submitted credentials for token [org.apache.shiro.authc.UsernamePasswordToken - user1, rememberMe=false] did not match the expected credentials. [errorCode=heaxee, moreInformationAt=https://errors.corda.net/OS/4.0-RC05/heaxee]

      Maybe tone it down a little?

        Attachments

          Activity

            People

            • Assignee:
              Tudor.Malene Tudor Malene
              Reporter:
              richard Richard G Brown
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: