On Mon, Mar 19, 2012 at 4:54 PM, Amila Jayasekara <[email protected]> wrote: > > The error log is originating from AxisEngine. In which AxisEngine > prints the AxisFault as an error. I also agree with Kasun that we > should not show this exception trace to user. Shall we change the log > level of log message to "debug" rather than "error" ?
Yes, this is "giving too much information", (a phrase I learned in Java Colombo!) :), well the information is inaccurate too. Yes, it's good if this can be converted to debug level. But, is it ok to reveal this detail even at debug level? > > When an unauthenticated user tries to access https://localhost:9443/carbon/, > > it gets redirected to https://localhost:9443/carbon/admin/login.jsp. > > > > So in your case, does this error occur during this redirection? Hi Thilina, This redirection happens too. But this stack trace gets printed in the server log. No affects to the functionality AFAIS. Thanks, --KasunG > > > > > Thanks, > > Thilina > > > > > > On Mon, Mar 19, 2012 at 3:44 PM, Kasun Gajasinghe <[email protected]> wrote: > >> > >> Hi, > >> In the current trunk pack, when AppServer is started, and opened the link > >> provided for management console URL (https://localhost:9443/carbon/), a > >> exception gets thrown saying "org.apache.axis2.AxisFault: Access Denied. > >> Authentication failed - Invalid password provided." The full stack trace is > >> at [1]. This error is thrown everytime someone loaded the management > >> console > >> before logging in. > >> > >> As far as I noticed, there isn't any exception thrown in the released > >> versions (I checked greg-4.1.1), only the WARNing message. I think this > >> should be fixed because this gives a wrong idea to the user that the > >> password s/he provided was wrong! > >> > >> Thanks, > >> --KasunG > >> > >> > >> [1] > >> [2012-03-19 15:38:14,839] WARN > >> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - Failed > >> Administrator login attempt 'admin[0]' at [2012-03-19 15:38:14,0839] from > >> IP > >> address 10.100.3.137 > >> [2012-03-19 15:38:14,841] ERROR {org.apache.axis2.engine.AxisEngine} - > >> Access Denied. Authentication failed - Invalid password provided. > >> org.apache.axis2.AxisFault: Access Denied. Authentication failed - Invalid > >> password provided. > >> at > >> org.wso2.carbon.server.admin.module.handler.AuthenticationHandler.authenticate(AuthenticationHandler.java:94) > >> at > >> org.wso2.carbon.server.admin.module.handler.AuthenticationHandler.invoke(AuthenticationHandler.java:53) > >> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340) > >> at org.apache.axis2.engine.Phase.invoke(Phase.java:313) > >> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262) > >> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:168) > >> at > >> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172) > >> at > >> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146) > >> at > >> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:205) > >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:641) > >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) > >> at > >> org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90) > >> at > >> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111) > >> at > >> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67) > >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) > >> at > >> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:46) > >> at > >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) > >> at > >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) > >> at > >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224) > >> at > >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169) > >> at > >> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) > >> at > >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) > >> at > >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) > >> at > >> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:54) > >> at > >> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:155) > >> at > >> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927) > >> at > >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) > >> at > >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) > >> at > >> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:987) > >> at > >> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579) > >> at > >> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1600) > >> at > >> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) > >> at > >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) > >> at java.lang.Thread.run(Thread.java:662) > >> > >> > >> > >> -- > >> Kasun Gajasinghe > >> Software Engineer; WSO2 Inc.; http://wso2.com > >> > >> , > >> email: kasung AT spamfree wso2.com cell: +94 (77) 678-0813 > >> linked-in: http://lk.linkedin.com/in/gajasinghe > >> blog: http://blog.kasunbg.org > >> > >> > >> twitter: http://twitter.com/kasunbg > >> > >> > >> > > > > > > > > -- > > Thilina Buddhika > > Associate Technical Lead > > WSO2 Inc. ; http://wso2.com > > lean . enterprise . middleware > > > > phone : +94 77 44 88 727 > > blog : http://blog.thilinamb.com > > > > _______________________________________________ > > Dev mailing list > > [email protected] > > http://wso2.org/cgi-bin/mailman/listinfo/dev > > > > > > -- > Mobile : +94773330538 -- Kasun Gajasinghe Software Engineer; WSO2 Inc.; http://wso2.com , email: kasung AT spamfree wso2.com cell: +94 (77) 678-0813 linked-in: http://lk.linkedin.com/in/gajasinghe blog: http://blog.kasunbg.org twitter: http://twitter.com/kasunbg _______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
