Skip to content

[Bug] Suppress Reduntant AuthenticationFailed Error+Warn #1523

Closed
@milesflo

Description

@milesflo

Suppress Redundant Error Message on Authentication Failed

Request Type

Bug

Work Environment

Question Answer
TheHive version thehiveproject/thehive4:latest
Package Type Docker

Problem Description

When login fails, 2 separate error messages are fired off:
1:

[error] o.t.t.s.TOTPAuthSrv [00000190|0773abb5] Authentication failure
org.thp.scalligraph.AuthenticationError: Operation not supported
 at org.thp.scalligraph.auth.AuthSrv.authenticate(AuthSrv.scala:55)
 at org.thp.scalligraph.auth.AuthSrv.authenticate$(AuthSrv.scala:52)
 at org.thp.scalligraph.auth.KeyAuthSrv.authenticate(KeyAuthSrv.scala:11)
 at org.thp.scalligraph.auth.MultiAuthSrv.$anonfun$authenticate$1(MultiAuthSrv.scala:71)
 at org.thp.scalligraph.auth.MultiAuthSrv$$anonfun$$nestedInanonfun$forAllAuthProvider$1$1.applyOrElse(MultiAuthSrv.scala:59)
 at org.thp.scalligraph.auth.MultiAuthSrv$$anonfun$$nestedInanonfun$forAllAuthProvider$1$1.applyOrElse(MultiAuthSrv.scala:57)
 at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:38)
 at scala.util.Failure.recoverWith(Try.scala:236)
 at org.thp.scalligraph.auth.MultiAuthSrv.$anonfun$forAllAuthProvider$1(MultiAuthSrv.scala:57)
 at scala.collection.LinearSeqOptimized.foldLeft(LinearSeqOptimized.scala:126)

2:

[warn] o.t.s.ErrorHandler [00000190|] POST /api/login returned 401: Authentication failure

Authentication failure should not be classified as an error, and will FP on logging platforms. Please suppress for log sanitation.

Steps to Reproduce

  1. Spin up TH4
  2. Go to login splash page
  3. Log in with bad credentials
  4. Observe error message

Possible Solutions

I believe the offending line is here:

case None Future.failed(AuthenticationError("Authentication failure"))

If I'm reading this right, if password authentication fails it will go on to test key-based authentication, and fail there.

Metadata

Metadata

Assignees

Labels

TheHive4TheHive4 related issuesbug

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions