Commit d85528aa authored by Patrik Dufresne's avatar Patrik Dufresne

Change log level around authentication

parent a78156ed
Pipeline #630 passed with stages
in 31 minutes and 51 seconds
......@@ -54,7 +54,7 @@ class BaseAuth(HandlerTool):
def check_username_and_password(self, username, password):
"""Validate user credentials."""
logger.info("check credentials for [%s]", username)
logger.debug("check credentials for [%s]", username)
try:
userobj = cherrypy.request.app.userdb.login(username, password) # @UndefinedVariable
except:
......@@ -183,7 +183,7 @@ class AuthFormTool(BaseAuth):
if path.startswith(native_str('/login')):
if request.method != 'POST':
response.headers['Allow'] = "POST"
logger.warn('do_login requires POST, redirect to /')
logger.debug('/login requires POST, redirect to /')
# Redirect to / instead of showing error.
raise cherrypy.HTTPRedirect(b'/')
logger.debug('routing %(path)r to do_login', locals())
......@@ -194,7 +194,6 @@ class AuthFormTool(BaseAuth):
return self.do_logout(**request.params)
# No special path, validate session.
logger.debug('no special path, running do_check')
return self.do_check()
......@@ -224,7 +223,7 @@ class BasicAuth(BaseAuth):
if scheme.lower() == 'basic':
# Validate user credential.
login, password = base64_decode(params).split(':', 1)
logger.info('routing %(path)r to do_login', locals())
logger.debug('routing %(path)r to do_login', locals())
try:
return self.do_login(login, password)
except RdiffError as e:
......@@ -234,7 +233,7 @@ class BasicAuth(BaseAuth):
except (ValueError, binascii.Error):
raise cherrypy.HTTPError(400, 'Bad Request')
logger.info('no authorization header, running is_login')
logger.debug('no authorization header, running is_login')
if not self.is_login():
# Inform the user-agent this path is protected.
cherrypy.serving.response.headers['www-authenticate'] = (
......
......@@ -16,12 +16,14 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from __future__ import print_function
from __future__ import unicode_literals
import cherrypy
from future.builtins import str
import getopt
import logging
import os
import sys
import tempfile
import threading
......@@ -30,7 +32,6 @@ import traceback
from rdiffweb import rdw_app, rdw_config
from rdiffweb.rdw_profiler import ProfilingApplication
# Define logger for this module
logger = logging.getLogger(__name__)
......@@ -117,6 +118,7 @@ def setup_logging(log_file, log_access_file, level):
# Configure default log file.
if log_file:
assert isinstance(log_file, str)
print("continue logging to %s" % log_file)
logging.basicConfig(filename=log_file, level=level, format=logformat)
else:
logging.basicConfig(level=level, format=logformat)
......@@ -124,6 +126,7 @@ def setup_logging(log_file, log_access_file, level):
# Configure access log file.
if log_access_file:
assert isinstance(log_access_file, str)
print("continue logging access to %s" % log_access_file)
logging.root.handlers[0].addFilter(NotFilter("cherrypy.access"))
logging.root.handlers[0].addFilter(ContextFilter())
......@@ -167,9 +170,12 @@ def start():
# Open config file before opening the apps.
configfile = args.get('config', '/etc/rdiffweb/rdw.conf')
if not os.path.isfile(configfile):
print("configuration file %s doesn't exists" % configfile, file=sys.stderr)
exit(1)
tmp_cfg = rdw_config.Configuration(configfile)
log_file = args.get('log_file', None) or tmp_cfg.get_config('LogFile', False)
log_access_file = args.get('log_access_file', None) or tmp_cfg.get_config('LogAccessFile', False)
log_access_file = args.get('log_access_file', None) or tmp_cfg.get_config('LogAccessFile', None)
if args.get('debug', False):
environment = 'development'
log_level = "DEBUG"
......@@ -190,7 +196,7 @@ def start():
app = rdw_app.RdiffwebApp(configfile)
# Get configuration
serverHost = app.cfg.get_config("ServerHost", default="0.0.0.0")
serverHost = app.cfg.get_config("ServerHost", default=b"0.0.0.0")
serverPort = app.cfg.get_config_int("ServerPort", default="8080")
# Get SSL configuration (if any)
sslCertificate = app.cfg.get_config("SslCertificate")
......
......@@ -240,7 +240,7 @@ class LdapPasswordStore(IPasswordStore):
def fetch_user_email(l, r): # @UnusedVariable
if len(r) != 1:
logger.warning("user [%s] not found", username)
logger.warning("user [%s] not found in LDAP", username)
return ""
return self._attr(r, attr)
......
......@@ -301,6 +301,8 @@ class UserManager(Component):
assert password is None or isinstance(user, str)
# Validate the credentials
logger.debug("validating user [%s] credentials", user)
if not self._password_stores:
logger.warn("not password store available to validate user credentials")
real_user = False
for store in self._password_stores:
real_user = store.are_valid_credentials(user, password)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment