Reputation: 13
How can I log username in wso2 logs in case of failed attempt of a user in wso2 identity server
I wanted to log username, in case of a login failed scenario in the wso2 identity server using adaptive authentication
code snippet for adaptive authentication
var abc = function(context) {
executeStep(1, {
onSuccess: function (context) {
var user = context.currentKnownSubject;
}
}
},
onFail: function (context){
var username = context.request.params.userame;
var user = context.currentKnownSubject;
//i have used these two approach but the username is coming as null
}
});
};
Could anyone please help with how to do it?
Upvotes: 1
Views: 256
Answers (2)
Reputation: 3057
var user = context.currentKnownSubject; or var user = context.steps[1].subject (change the authentication step inside [] as required) can be used to refer the authenticated user object that represents the user details.
So, on the successful authentication step, you can get the authenticated user's username by
context.steps[1].subject.username or context.currentKnownSubject.username
Since there is no authenticated subject set on authentication failure, we can't access the user details from context.currentKnownSubject / context.steps[1].subject under onFail function.(Related issue: https://github.com/wso2/product-is/issues/3950).
But you can retrieve the user input username as context.request.params.username[0] (NOTE: var username = context.request.params.userame; in your code has a typo; userame)
Try the following:
var onLoginRequest = function(context) {
executeStep(1, {
onSuccess: function (context) {
Log.info('Username: ' + context.steps[1].subject.username);
Log.info('Username: ' + context.currentKnownSubject.username);
},
onFail: function (context){
Log.info('Username: ' + context.request.params.username[0]);
}
});
};
Upvotes: 1
Reputation: 411
Try adding the following.
Log.info('User ' + context.currentKnownSubject.identifier);
I would not recommend logging the username when you are in a production environment because it can reveal sensitive information about the user (if you are using the email as the username). Make sure to remove the logs (comment them) once you are in production.
You can find more information about adaptive auth in here.
Upvotes: 0
Related Questions
- How to display username and invoked api name in wso2 apim log?
- How to perform WSO2 user authentication
- WSO2 IS : Logging with username and password
- WSO2 Username test011 is not valid. User name must be a non null string
- WSO2 Identity server not returning errors in login
- Wso2am custom sequence - how to log username
- WSO2 API Manager get user name in backend
- Show exact error messages in wso2 Authentication Endpoint
- Monitoring WSO2 IS logins/loguts, using WSO2 bam
- Get the authenticated user object from WSO2 Identity server