Closed
Description
Suppress Redundant Error Message on Authentication Failed
Request Type
Bug
Work Environment
| Question | Answer |
|---|---|
| TheHive version | thehiveproject/thehive4:latest |
| Package Type | Docker |
Problem Description
When login fails, 2 separate error messages are fired off:
1:
```
[error] o.t.t.s.TOTPAuthSrv [00000190|0773abb5] Authentication failure
org.thp.scalligraph.AuthenticationError: Operation not supported
at org.thp.scalligraph.auth.AuthSrv.authenticate(AuthSrv.scala:55)
at org.thp.scalligraph.auth.AuthSrv.authenticate$(AuthSrv.scala:52)
at org.thp.scalligraph.auth.KeyAuthSrv.authenticate(KeyAuthSrv.scala:11)
at org.thp.scalligraph.auth.MultiAuthSrv.$anonfun$authenticate$1(MultiAuthSrv.scala:71)
at org.thp.scalligraph.auth.MultiAuthSrv$$anonfun$$nestedInanonfun$forAllAuthProvider$1$1.applyOrElse(MultiAuthSrv.scala:59)
at org.thp.scalligraph.auth.MultiAuthSrv$$anonfun$$nestedInanonfun$forAllAuthProvider$1$1.applyOrElse(MultiAuthSrv.scala:57)
at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:38)
at scala.util.Failure.recoverWith(Try.scala:236)
at org.thp.scalligraph.auth.MultiAuthSrv.$anonfun$forAllAuthProvider$1(MultiAuthSrv.scala:57)
at scala.collection.LinearSeqOptimized.foldLeft(LinearSeqOptimized.scala:126)
```
2:
```
[warn] o.t.s.ErrorHandler [00000190|] POST /api/login returned 401: Authentication failure
```
Authentication failure should not be classified as an error, and will FP on logging platforms. Please suppress for log sanitation.
Steps to Reproduce
- Spin up TH4
- Go to login splash page
- Log in with bad credentials
- Observe error message
Possible Solutions
I believe the offending line is here:
If I'm reading this right, if password authentication fails it will go on to test key-based authentication, and fail there.
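Until the duplicate is removed upstream, a log pipeline can fold the two records into a single warn-level event before alerting. The following is an added example, not code from this issue or from TheHive; it assumes the first bracket field (`00000190` above) is shared by all records of one request, and the function and field names are hypothetical.

```python
import re

# Record header as shown in the issue: "[level] logger [id|sub] message"
HEADER = re.compile(r"^\[(?P<level>\w+)\] (?P<logger>\S+) \[(?P<req>\w+)\|\w*\] (?P<msg>.*)$")
HTTP_401 = re.compile(r"^(?P<method>[A-Z]+) (?P<path>\S+) returned 401: (?P<reason>.+)$")

# Lines taken from the issue above, stack trace shortened to two frames.
SAMPLE = [
    "[error] o.t.t.s.TOTPAuthSrv [00000190|0773abb5] Authentication failure",
    "org.thp.scalligraph.AuthenticationError: Operation not supported",
    "at org.thp.scalligraph.auth.AuthSrv.authenticate(AuthSrv.scala:55)",
    "at org.thp.scalligraph.auth.KeyAuthSrv.authenticate(KeyAuthSrv.scala:11)",
    "[warn] o.t.s.ErrorHandler [00000190|] POST /api/login returned 401: Authentication failure",
]

def collapse_auth_failures(lines):
    """Return one event per failed login; pass every other record through.

    Assumption: the first bracket field is a per-request id, so the error
    record and the later 401 record of one login attempt share it.
    """
    events, pending, current = [], {}, None
    for line in lines:
        m = HEADER.match(line.rstrip("\n"))
        if m is None:
            if current is not None:          # exception class or "at ..." frame
                current["extra_lines"] += 1
            continue
        current = {"level": m["level"], "req": m["req"], "msg": m["msg"],
                   "extra_lines": 0}
        if current["level"] == "error" and current["msg"] == "Authentication failure":
            pending[current["req"]] = current  # hold back until the 401 shows up
            continue
        http = HTTP_401.match(current["msg"])
        if http:
            trace = pending.pop(current["req"], None)
            events.append({"type": "auth_failure", "severity": "warn",
                           "req": current["req"], "path": http["path"],
                           "suppressed_lines": trace["extra_lines"] if trace else 0})
            continue
        events.append({"type": "log", "severity": current["level"],
                       "req": current["req"], "msg": current["msg"]})
    for rec in pending.values():             # no matching 401: keep the error
        events.append({"type": "log", "severity": "error",
                       "req": rec["req"], "msg": rec["msg"]})
    return events
```

An error-level "Authentication failure" with no matching 401 record is still emitted at error severity, so a real fault in the auth chain is not hidden.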