Clean logs
This commit is contained in:
parent
d4fedbdfcf
commit
a104db2f2d
|
@ -634,7 +634,7 @@ sub tests {
|
|||
checkMailResetSecurity => sub {
|
||||
return 1 unless ( $conf->{portalDisplayResetPassword} );
|
||||
return ( -1,
|
||||
'"passwordMailReset" plugin is enabled without CSRF Token neither Captcha required !!!'
|
||||
'"passwordMailReset" plugin is enabled without CSRF Token neither Captcha required'
|
||||
)
|
||||
unless ( $conf->{requireToken}
|
||||
or $conf->{captcha_mail_enabled} );
|
||||
|
|
|
@ -283,7 +283,7 @@ sub newNotification {
|
|||
|
||||
# Check if posted date > today
|
||||
unless ( $json->{date} ge $dDate ) {
|
||||
$self->logger->debug("Posted Date < today !!! ");
|
||||
$self->logger->debug("Posted Date < today");
|
||||
$json->{date} = $dDate;
|
||||
}
|
||||
$self->logger->debug("Notification Date = $json->{date}");
|
||||
|
|
|
@ -80,7 +80,7 @@ sub viewDiff {
|
|||
# Check Diff activation rule
|
||||
unless ( $self->diffRule->( $req, $req->{userData} ) ) {
|
||||
my $user = $req->{userData}->{_whatToTrace} || 'anonymous';
|
||||
$self->userLogger->warn("$user tried to compare configurations!!!");
|
||||
$self->userLogger->warn("$user is not authorized to compare configurations");
|
||||
return $self->sendJSONresponse( $req, { 'value' => '_Hidden_' } );
|
||||
}
|
||||
|
||||
|
@ -144,7 +144,7 @@ sub viewKey {
|
|||
$self->logger->debug(
|
||||
" $req->{env}->{REQUEST_URI} -> URI FORBIDDEN");
|
||||
my $user = $req->{userData}->{_whatToTrace} || 'anonymous';
|
||||
$self->userLogger->warn("$user tried to browse configurations!!!");
|
||||
$self->userLogger->warn("$user is not authorized to browse configurations");
|
||||
$self->rejectKey( $req, @args );
|
||||
}
|
||||
}
|
||||
|
|
|
@ -195,7 +195,7 @@ sub run {
|
|||
"Found $removed EXPIRED 2F device(s) => Update persistent session"
|
||||
);
|
||||
$self->userLogger->notice(
|
||||
" -> $removed EXPIRED 2F device(s) removed");
|
||||
" -> $removed expired 2F device(s) removed");
|
||||
@$_2fDevices =
|
||||
map { $_->{type} =~ /\bEXPIRED\b/ ? () : $_ } @$_2fDevices;
|
||||
$self->p->updatePersistentSession( $req,
|
||||
|
|
|
@ -156,7 +156,7 @@ sub run {
|
|||
my $maxSize = $self->conf->{max2FDevices};
|
||||
$self->logger->debug("Nbr 2FDevices = $size / $maxSize");
|
||||
if ( $size >= $maxSize ) {
|
||||
$self->userLogger->error("Max number of 2F devices is reached !!!");
|
||||
$self->userLogger->warn("Max number of 2F devices is reached");
|
||||
return $self->p->sendError( $req, 'maxNumberof2FDevicesReached',
|
||||
400 );
|
||||
}
|
||||
|
|
|
@ -61,7 +61,7 @@ sub run {
|
|||
my $maxSize = $self->conf->{max2FDevices};
|
||||
$self->logger->debug("Registered 2F Device(s) : $size / $maxSize");
|
||||
if ( $size >= $maxSize ) {
|
||||
$self->userLogger->error("Max number of 2F devices is reached !!!");
|
||||
$self->userLogger->warn("Max number of 2F devices is reached");
|
||||
return $self->p->sendError( $req, 'maxNumberof2FDevicesReached',
|
||||
400 );
|
||||
}
|
||||
|
|
|
@ -103,8 +103,8 @@ sub run {
|
|||
my $maxSize = $self->conf->{max2FDevices};
|
||||
$self->logger->debug("Nbr 2FDevices = $size / $maxSize");
|
||||
if ( $size >= $maxSize ) {
|
||||
$self->userLogger->error(
|
||||
"Max number of 2F devices is reached !!!");
|
||||
$self->userLogger->warn(
|
||||
"Max number of 2F devices is reached");
|
||||
return $self->p->sendHtml(
|
||||
$req, 'error',
|
||||
params => {
|
||||
|
|
|
@ -125,7 +125,7 @@ sub verify {
|
|||
|
||||
unless ( $session->{__ch} and $session->{__ch} eq $challenge ) {
|
||||
$self->userLogger->error(
|
||||
"U2F challenge changes by user !!! $session->{__ch} / $challenge"
|
||||
"U2F challenge changed by user: $session->{__ch} / $challenge"
|
||||
);
|
||||
$req->error(PE_BADCREDENTIALS);
|
||||
return $self->fail($req);
|
||||
|
|
|
@ -188,7 +188,7 @@ sub _buildAuthLoop {
|
|||
split( /[;\|]/, $self->conf->{authChoiceModules}->{$_} );
|
||||
|
||||
unless ( $_choiceRules->{$_} ) {
|
||||
$self->logger->error("$_ has no rule !!!");
|
||||
$self->logger->error("$_ has no rule");
|
||||
$_choiceRules->{$_} = sub { 1 };
|
||||
}
|
||||
unless ( $_choiceRules->{$_}->( $req->env ) ) {
|
||||
|
|
|
@ -127,19 +127,17 @@ sub check {
|
|||
);
|
||||
}
|
||||
|
||||
if ( $user eq $req->{user} or !$user ) {
|
||||
$self->logger->debug("checkUser requested for myself");
|
||||
$self->userLogger->notice("Return userData...");
|
||||
$self->userLogger->warn("Using spoofed SSO groups if exist!!!")
|
||||
if ( !$user or $user eq $req->{user} ) {
|
||||
$self->userLogger->info("checkUser requested for himself");
|
||||
$self->userLogger->info("Using spoofed SSO groups if exist")
|
||||
if ( $self->conf->{impersonationRule} );
|
||||
$attrs = $req->userData;
|
||||
$user = $req->{user};
|
||||
}
|
||||
else {
|
||||
$self->logger->debug("checkUser requested for $user");
|
||||
$self->userLogger->info("checkUser requested for $user");
|
||||
|
||||
# Try to retrieve session from sessions DB
|
||||
$self->userLogger->notice('Try to retrieve session from DB...');
|
||||
$self->logger->debug('Try to retrieve session from DB...');
|
||||
my $moduleOptions = $self->conf->{globalStorageOptions} || {};
|
||||
$moduleOptions->{backend} = $self->conf->{globalStorage};
|
||||
|
@ -157,9 +155,7 @@ sub check {
|
|||
}
|
||||
unless ( defined $attrs->{_session_id} ) {
|
||||
$req->{user} = $user;
|
||||
$self->userLogger->notice(
|
||||
"NO session found in DB. Compute userData...");
|
||||
$self->logger->debug("NO session found in DB. Compute userData...");
|
||||
$self->userLogger->info("No session found in DB. Compute userData...");
|
||||
$attrs = $self->_userData($req);
|
||||
$compute = 1;
|
||||
}
|
||||
|
@ -213,18 +209,16 @@ sub check {
|
|||
$auth = $self->_authorization( $req, $url, $attrs );
|
||||
if ( $auth >= 0 ) {
|
||||
$auth = $auth ? "allowed" : "forbidden";
|
||||
$self->userLogger->notice(
|
||||
"checkUser -> $attrs->{ $self->{conf}->{whatToTrace} } is "
|
||||
. uc($auth)
|
||||
. " to access: $url" );
|
||||
$self->logger->debug(
|
||||
"checkUser: $attrs->{ $self->{conf}->{whatToTrace} } is "
|
||||
. "$auth to access to $url" );
|
||||
|
||||
# Return VirtualHost headers
|
||||
$array_hdrs = $self->_headers( $req, $url, $attrs );
|
||||
}
|
||||
else {
|
||||
$auth = 'VHnotFound';
|
||||
$self->userLogger->notice(
|
||||
"checkUser -> URL: $url has no configuration");
|
||||
$self->userLogger->info("checkUser: $url has no configuration");
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -267,8 +261,7 @@ sub display {
|
|||
my ( $attrs, $array_attrs ) = ( {}, [] );
|
||||
|
||||
$self->logger->debug("Display current session data...");
|
||||
$self->userLogger->notice("Retrieve session from Sessions database");
|
||||
$self->userLogger->warn("Using spoofed SSO groups if exist!!!")
|
||||
$self->userLogger->info("Using spoofed SSO groups if exist")
|
||||
if ( $self->conf->{impersonationRule} );
|
||||
$attrs = $req->userData;
|
||||
|
||||
|
|
|
@ -73,7 +73,7 @@ sub display {
|
|||
$req->userData->{"$self->{conf}->{impersonationPrefix}_session_id"};
|
||||
my $realSession;
|
||||
unless ( $realSession = $self->p->getApacheSession($realSessionId) ) {
|
||||
$self->userLogger->warn(
|
||||
$self->userLogger->info(
|
||||
"ContextSwitching -> session $realSession expired");
|
||||
return $self->p->do( $req, [ sub { PE_SESSIONEXPIRED } ] );
|
||||
}
|
||||
|
@ -90,13 +90,8 @@ sub display {
|
|||
if ( $req->userData->{"$self->{conf}->{impersonationPrefix}_session_id"} ) {
|
||||
$self->logger->debug('Request to stop ContextSwitching');
|
||||
if ( $self->conf->{contextSwitchingStopWithLogout} ) {
|
||||
$self->logger->debug(
|
||||
"** STOP ContextSwitching ** for $req->{user}");
|
||||
$self->logger->debug('Send logout request');
|
||||
$self->userLogger->notice(
|
||||
"** STOP ContextSwitching ** for $req->{user}");
|
||||
$self->logger->debug("Remove real session $realSession");
|
||||
$self->userLogger->notice("Remove real session $realSession");
|
||||
$self->userLogger->notice("Stop ContextSwitching for $req->{user}");
|
||||
$self->userLogger->info("Remove real session $realSession");
|
||||
$realSession->remove;
|
||||
return $self->p->do( $req,
|
||||
[ @{ $self->p->beforeLogout }, 'authLogout', 'deleteSession' ]
|
||||
|
@ -175,11 +170,9 @@ sub run {
|
|||
# Main session
|
||||
$self->p->updateSession( $req, $req->sessionInfo );
|
||||
$self->logger->debug(
|
||||
"ContextSwitching -> Update $realId session with $spoofId session data"
|
||||
);
|
||||
"ContextSwitching: Update $realId session with $spoofId session data");
|
||||
$self->userLogger->notice(
|
||||
"ContextSwitching -> Update $realId session with $spoofId session data"
|
||||
);
|
||||
"ContextSwitching: Update $realId session with $spoofId session data");
|
||||
|
||||
return $self->p->do( $req, [ sub { $statut } ] );
|
||||
}
|
||||
|
@ -226,7 +219,7 @@ sub _switchContext {
|
|||
$req->sessionInfo->{"$self->{conf}->{impersonationPrefix}_session_id"} =
|
||||
$realSessionId;
|
||||
$self->userLogger->notice(
|
||||
"** START ContextSwitching ** for $realId with uid: $spoofId ")
|
||||
"Start ContextSwitching: $realId becomes $spoofId ")
|
||||
unless $raz;
|
||||
|
||||
return $raz
|
||||
|
@ -241,27 +234,24 @@ sub _abortImpersonation {
|
|||
$req->{$type}->{"$self->{conf}->{impersonationPrefix}_session_id"};
|
||||
my $session;
|
||||
unless ( $session = $self->p->getApacheSession($realSessionId) ) {
|
||||
$self->userLogger->warn("Session $session expired");
|
||||
$self->userLogger->info("Session $session expired");
|
||||
return $req->error(PE_SESSIONEXPIRED);
|
||||
}
|
||||
|
||||
if ($abort) {
|
||||
$self->logger->debug("ABORT ContextSwitching $spoofId for $realId");
|
||||
$self->userLogger->notice(
|
||||
"ABORT ContextSwitching $spoofId for $realId");
|
||||
"Abort ContextSwitching: $spoofId by $realId");
|
||||
if ( my $abortSession = $self->p->getApacheSession( $req->id ) ) {
|
||||
$abortSession->remove;
|
||||
}
|
||||
else {
|
||||
$self->userLogger->warn(
|
||||
$self->userLogger->info(
|
||||
"ContextSwitching: session " . $req->id . " expired" );
|
||||
}
|
||||
}
|
||||
else {
|
||||
$self->logger->debug(
|
||||
"** STOP ContextSwitching ** for $realId with uid: $spoofId");
|
||||
$self->userLogger->notice(
|
||||
"** STOP ContextSwitching ** for $realId with uid: $spoofId");
|
||||
"Stop ContextSwitching for $realId with uid $spoofId");
|
||||
$self->p->deleteSession($req);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user