From d85528aa64641d9bfb08e582cba204646a6f03fa Mon Sep 17 00:00:00 2001 From: Patrik Dufresne Date: Wed, 9 Jan 2019 09:27:34 -0500 Subject: [PATCH] Change log level around authentication --- rdiffweb/filter_authentication.py | 9 ++++----- rdiffweb/main.py | 12 +++++++++--- rdiffweb/plugins/ldap_auth/__init__.py | 2 +- rdiffweb/user.py | 2 ++ 4 files changed, 16 insertions(+), 9 deletions(-) diff --git a/rdiffweb/filter_authentication.py b/rdiffweb/filter_authentication.py index 9d2e2c41..fd94e962 100644 --- a/rdiffweb/filter_authentication.py +++ b/rdiffweb/filter_authentication.py @@ -54,7 +54,7 @@ class BaseAuth(HandlerTool): def check_username_and_password(self, username, password): """Validate user credentials.""" - logger.info("check credentials for [%s]", username) + logger.debug("check credentials for [%s]", username) try: userobj = cherrypy.request.app.userdb.login(username, password) # @UndefinedVariable except: @@ -183,7 +183,7 @@ class AuthFormTool(BaseAuth): if path.startswith(native_str('/login')): if request.method != 'POST': response.headers['Allow'] = "POST" - logger.warn('do_login requires POST, redirect to /') + logger.debug('/login requires POST, redirect to /') # Redirect to / instead of showing error. raise cherrypy.HTTPRedirect(b'/') logger.debug('routing %(path)r to do_login', locals()) @@ -194,7 +194,6 @@ class AuthFormTool(BaseAuth): return self.do_logout(**request.params) # No special path, validate session. - logger.debug('no special path, running do_check') return self.do_check() @@ -224,7 +223,7 @@ class BasicAuth(BaseAuth): if scheme.lower() == 'basic': # Validate user credential. login, password = base64_decode(params).split(':', 1) - logger.info('routing %(path)r to do_login', locals()) + logger.debug('routing %(path)r to do_login', locals()) try: return self.do_login(login, password) except RdiffError as e: @@ -234,7 +233,7 @@ class BasicAuth(BaseAuth): except (ValueError, binascii.Error): raise cherrypy.HTTPError(400, 'Bad Request') - logger.info('no authorization header, running is_login') + logger.debug('no authorization header, running is_login') if not self.is_login(): # Inform the user-agent this path is protected. cherrypy.serving.response.headers['www-authenticate'] = ( diff --git a/rdiffweb/main.py b/rdiffweb/main.py index 9a3fd2cd..174c458a 100755 --- a/rdiffweb/main.py +++ b/rdiffweb/main.py @@ -16,12 +16,14 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . +from __future__ import print_function from __future__ import unicode_literals import cherrypy from future.builtins import str import getopt import logging +import os import sys import tempfile import threading @@ -30,7 +32,6 @@ import traceback from rdiffweb import rdw_app, rdw_config from rdiffweb.rdw_profiler import ProfilingApplication - # Define logger for this module logger = logging.getLogger(__name__) @@ -117,6 +118,7 @@ def setup_logging(log_file, log_access_file, level): # Configure default log file. if log_file: assert isinstance(log_file, str) + print("continue logging to %s" % log_file) logging.basicConfig(filename=log_file, level=level, format=logformat) else: logging.basicConfig(level=level, format=logformat) @@ -124,6 +126,7 @@ def setup_logging(log_file, log_access_file, level): # Configure access log file. if log_access_file: assert isinstance(log_access_file, str) + print("continue logging access to %s" % log_access_file) logging.root.handlers[0].addFilter(NotFilter("cherrypy.access")) logging.root.handlers[0].addFilter(ContextFilter()) @@ -167,9 +170,12 @@ def start(): # Open config file before opening the apps. configfile = args.get('config', '/etc/rdiffweb/rdw.conf') + if not os.path.isfile(configfile): + print("configuration file %s doesn't exists" % configfile, file=sys.stderr) + exit(1) tmp_cfg = rdw_config.Configuration(configfile) log_file = args.get('log_file', None) or tmp_cfg.get_config('LogFile', False) - log_access_file = args.get('log_access_file', None) or tmp_cfg.get_config('LogAccessFile', False) + log_access_file = args.get('log_access_file', None) or tmp_cfg.get_config('LogAccessFile', None) if args.get('debug', False): environment = 'development' log_level = "DEBUG" @@ -190,7 +196,7 @@ def start(): app = rdw_app.RdiffwebApp(configfile) # Get configuration - serverHost = app.cfg.get_config("ServerHost", default="0.0.0.0") + serverHost = app.cfg.get_config("ServerHost", default=b"0.0.0.0") serverPort = app.cfg.get_config_int("ServerPort", default="8080") # Get SSL configuration (if any) sslCertificate = app.cfg.get_config("SslCertificate") diff --git a/rdiffweb/plugins/ldap_auth/__init__.py b/rdiffweb/plugins/ldap_auth/__init__.py index 2d4a0ae5..6b9bbaef 100644 --- a/rdiffweb/plugins/ldap_auth/__init__.py +++ b/rdiffweb/plugins/ldap_auth/__init__.py @@ -240,7 +240,7 @@ class LdapPasswordStore(IPasswordStore): def fetch_user_email(l, r): # @UnusedVariable if len(r) != 1: - logger.warning("user [%s] not found", username) + logger.warning("user [%s] not found in LDAP", username) return "" return self._attr(r, attr) diff --git a/rdiffweb/user.py b/rdiffweb/user.py index 238a2d81..e6410c29 100644 --- a/rdiffweb/user.py +++ b/rdiffweb/user.py @@ -301,6 +301,8 @@ class UserManager(Component): assert password is None or isinstance(user, str) # Validate the credentials logger.debug("validating user [%s] credentials", user) + if not self._password_stores: + logger.warn("not password store available to validate user credentials") real_user = False for store in self._password_stores: real_user = store.are_valid_credentials(user, password) -- GitLab