5 Replies Latest reply on Sep 4, 2015 10:10 AM by shawkins

    How to get User IP when it logon failure

    lxjsj

      When log in successfully to Teiid, we can see info in security.log:

       

      2015-09-02 05:59:42,987 INFO  [org.teiid.SECURITY] (New I/O worker #4:) Logon successful, created session: sessionid=bFfMzaKOOmYQ; userName=xxx@teiid-security; vdbName=public; vdbVersion=1; createdTime=Wed Sep 02 05:59:42 AEST 2015; applicationName=JDBC; clientHostName=xxx.com; clientHardwareAddress=null; IPAddress=10.xx.xx.xx; securityDomain=teiid-security; lastPingTime=Wed Sep 02 05:59:42 AEST 2015

       

      But when login fail

      00:00:05,249 SEVERE [org.teiid.jdbc] (New I/O worker #25) Could not create connection: org.teiid.jdbc.TeiidSQLException: TEIID50072 The username "xxx" and/or password and/or payload token could not be authenticated by any membership domain.

              at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:135) [teiid-client-8.8.1.jar:8.8.1]

              at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:71) [teiid-client-8.8.1.jar:8.8.1]

              at org.teiid.jboss.TransportService$1.connect(TransportService.java:177) [teiid-jboss-integration-8.8.1.jar:8.8.1]

              at org.teiid.jdbc.TeiidDriver.connect(TeiidDriver.java:105) [teiid-client-8.8.1.jar:8.8.1]

              at org.teiid.odbc.ODBCServerRemoteImpl.logon(ODBCServerRemoteImpl.java:268) [teiid-runtime-8.8.1.jar:8.8.1]

              at sun.reflect.GeneratedMethodAccessor116.invoke(Unknown Source) [:1.7.0_85]

              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_85]

              at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_85]

              at org.teiid.transport.ODBCClientInstance.processMessage(ODBCClientInstance.java:127) [teiid-runtime-8.8.1.jar:8.8.1]

              at org.teiid.transport.ODBCClientInstance.receivedMessage(ODBCClientInstance.java:116) [teiid-runtime-8.8.1.jar:8.8.1]

              at org.teiid.transport.SSLAwareChannelHandler.messageReceived(SSLAwareChannelHandler.java:211) [teiid-runtime-8.8.1.jar:8.8.1]

              at org.jboss.netty.channel.SimpleChannelHandler.handleUpstream(SimpleChannelHandler.java:88) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:296) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.handler.codec.frame.FrameDecoder.unfoldAndFireMessageReceived(FrameDecoder.java:462) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.handler.codec.frame.FrameDecoder.callDecode(FrameDecoder.java:443) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.handler.codec.frame.FrameDecoder.messageReceived(FrameDecoder.java:303) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:268) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:255) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:88) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:109) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:312) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:90) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108) [netty.jar:3.6.6.Final-redhat-1]

              at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42) [netty.jar:3.6.6.Final-redhat-1]

              at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_85]

              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_85]

              at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_85]

      Caused by: org.teiid.net.ConnectionException: TEIID50072 The username "xxx" and/or password and/or payload token could not be authenticated by any membership domain.

              at org.teiid.transport.LocalServerConnection.authenticate(LocalServerConnection.java:133) [teiid-runtime-8.8.1.jar:8.8.1]

              at org.teiid.transport.LocalServerConnection.<init>(LocalServerConnection.java:100) [teiid-runtime-8.8.1.jar:8.8.1]

              at org.teiid.jboss.TransportService$1$1.<init>(TransportService.java:167) [teiid-jboss-integration-8.8.1.jar:8.8.1]

              at org.teiid.jboss.TransportService$1.connect(TransportService.java:167) [teiid-jboss-integration-8.8.1.jar:8.8.1]

              ... 30 more

      Caused by: org.teiid.client.security.LogonException: TEIID50072 The username "xxx" and/or password and/or payload token could not be authenticated by any membership domain.

              at org.teiid.transport.LogonImpl.logon(LogonImpl.java:153) [teiid-runtime-8.8.1.jar:8.8.1]

              at org.teiid.transport.LogonImpl.logon(LogonImpl.java:117) [teiid-runtime-8.8.1.jar:8.8.1]

              at sun.reflect.GeneratedMethodAccessor90.invoke(Unknown Source) [:1.7.0_85]

              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_85]

              at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_85]

              at org.teiid.transport.LocalServerConnection$1$1.call(LocalServerConnection.java:173) [teiid-runtime-8.8.1.jar:8.8.1]

              at java.util.concurrent.FutureTask.run(FutureTask.java:262) [rt.jar:1.7.0_85]

              at org.teiid.dqp.internal.process.DQPWorkContext.runInContext(DQPWorkContext.java:274) [teiid-engine-8.8.1.jar:8.8.1]

              at org.teiid.dqp.internal.process.DQPWorkContext.runInContext(DQPWorkContext.java:258) [teiid-engine-8.8.1.jar:8.8.1]

              at org.teiid.transport.LocalServerConnection$1.invoke(LocalServerConnection.java:171) [teiid-runtime-8.8.1.jar:8.8.1]

              at com.sun.proxy.$Proxy47.logon(Unknown Source)

              at org.teiid.transport.LocalServerConnection.authenticate(LocalServerConnection.java:129) [teiid-runtime-8.8.1.jar:8.8.1]

              ... 33 more

      Caused by: javax.security.auth.login.LoginException: TEIID50072 The username "xxx" and/or password and/or payload token could not be authenticated by any membership domain.

              at org.teiid.jboss.JBossSessionService.authenticate(JBossSessionService.java:78) [teiid-jboss-integration-8.8.1.jar:8.8.1]

              at org.teiid.services.SessionServiceImpl.createSession(SessionServiceImpl.java:171) [teiid-runtime-8.8.1.jar:8.8.1]

              at org.teiid.transport.LogonImpl.logon(LogonImpl.java:133) [teiid-runtime-8.8.1.jar:8.8.1]

              ... 44 more

       

      we want to know the IP the host request to manage it.

        • 1. Re: How to get User IP when it logon failure
          gurusathish

          Hi,

           

          you can retrieve the user's IP address by making use of request object.

           

          equest.getRemoteAddr(), request.getRemotHost() 

           

          Thanks

          • 2. Re: How to get User IP when it logon failure
            rareddy

            lxjsj,


            You can log a enhancement request for it for the failure case to log the client ip.


            On Success, I believe you can also do


            Connection conn = ...

            conn.getClientInfo().getProperty("clientIpAddress");


            Ramesh..

            • 3. Re: How to get User IP when it logon failure
              shawkins

              > You can log a enhancement request for it for the failure case to log the client ip.

               

              With 8.12 audit logging has been expanded, but we aren't yet passing the full properties set or specifically the client ip.

              • 4. Re: How to get User IP when it logon failure
                gurusathish

                Hi Ramesh,

                 

                You can also get ip address when the user logs on failiure....

                you can achieve the following example in your preferred programming language....

                 

                Class LoginController{

                   

                     public String loginAction(HttpServletRequest request)

                     {

                          System.out.println("Before Authorizing");

                          System.out.println("User IP Address:"+request.getRemotHost());

                         

                          // Then you check for the login authorization from database operation here


                     }

                }

                 

                Thank.........

                • 5. Re: How to get User IP when it logon failure
                  shawkins

                  For the general issue of adding the more information into the audit log https://issues.jboss.org/browse/TEIID-3682 was captured.

                   

                  Sathish,

                   

                  I think what he is looking for is the relevant information to be in the Teiid server log.  What you have shown presumes a servlet path somewhere above Teiid, which may not necessarily be the case.