diff --git a/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/AbstractAuthPageServlet.java b/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/AbstractAuthPageServlet.java
index 4244c840c..6f30e68d8 100644
--- a/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/AbstractAuthPageServlet.java
+++ b/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/AbstractAuthPageServlet.java
@@ -142,12 +142,12 @@ public abstract class AbstractAuthPageServlet extends HttpServlet {
 return user;
 }
- protected void processFailedLogin(HttpServletResponse resp, Map params, @Nullable String message)
- throws IOException {
+ protected void processFailedLogin(HttpServletResponse resp, String remoteAddr, Map params,
+ @Nullable String message) throws IOException {
 lastAuthenticationFailure = Instant.now();
 authenticationFailureCount += 1;
 resp.setContentType("text/html;charset=UTF-8");
- logger.warn("Authentication failed: {}", message);
+ logger.warn("Authentication failed from {}: {}", remoteAddr, message);
 resp.getWriter().append(getPageBody(params, getLocalizedMessage("auth.login.fail"), false));
 resp.getWriter().close();
 }
diff --git a/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/AuthorizePageServlet.java b/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/AuthorizePageServlet.java
index 763401792..a2d221b73 100644
--- a/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/AuthorizePageServlet.java
+++ b/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/AuthorizePageServlet.java
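Review bot: The new `remoteAddr` parameter of `processFailedLogin` is logged as the origin of the failed login, but nothing documents that all three callers (AuthorizePageServlet, ChangePasswordPageServlet, CreateAPITokenPageServlet) pass `req.getRemoteAddr()`, which is the address of the directly connected peer. When the servlet sits behind a reverse proxy, every failure will be attributed to the proxy unless the container is configured to resolve forwarded addresses, so log-based blocking or alerting could key on the wrong host. I would add a Javadoc line such as `@param remoteAddr address of the connecting peer as reported by the servlet container; this is the proxy's address when a reverse proxy is in front`. Separately, `message` comes from `e.getMessage()` at the call sites and is written right after the address; if that text can contain user-supplied input such as the submitted user name (not visible in this diff), line breaks should be stripped before logging so the entry cannot be split into something a log parser misreads.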
@@ -184,7 +184,7 @@ public class AuthorizePageServlet extends AbstractAuthPageServlet {
 resp.addHeader(HttpHeaders.LOCATION, getRedirectUri(baseRedirectUri, authorizationCode, null, state));
 resp.setStatus(HttpStatus.MOVED_TEMPORARILY_302);
 } catch (AuthenticationException e) {
- processFailedLogin(resp, params, e.getMessage());
+ processFailedLogin(resp, req.getRemoteAddr(), params, e.getMessage());
 } catch (IllegalArgumentException e) {
 @Nullable String baseRedirectUri = params.containsKey("redirect_uri") ? params.get("redirect_uri")[0] : null;
diff --git a/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/ChangePasswordPageServlet.java b/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/ChangePasswordPageServlet.java
index 8eb909ebc..11da0cdbc 100644
--- a/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/ChangePasswordPageServlet.java
+++ b/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/ChangePasswordPageServlet.java
@@ -121,7 +121,7 @@ public class ChangePasswordPageServlet extends AbstractAuthPageServlet {
 resp.getWriter().append(getResultPageBody(params, getLocalizedMessage("auth.changepassword.success")));
 resp.getWriter().close();
 } catch (AuthenticationException e) {
- processFailedLogin(resp, params, e.getMessage());
+ processFailedLogin(resp, req.getRemoteAddr(), params, e.getMessage());
 }
 }
diff --git a/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/CreateAPITokenPageServlet.java b/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/CreateAPITokenPageServlet.java
index 66d2b7ed7..556d6f843 100644
--- a/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/CreateAPITokenPageServlet.java
+++ b/bundles/org.openhab.core.io.http.auth/src/main/java/org/openhab/core/io/http/auth/internal/CreateAPITokenPageServlet.java
@@ -136,7 +136,7 @@ public class CreateAPITokenPageServlet extends AbstractAuthPageServlet {
 resp.getWriter().append(getResultPageBody(params, resultMessage));
 resp.getWriter().close();
 } catch (AuthenticationException e) {
- processFailedLogin(resp, params, e.getMessage());
+ processFailedLogin(resp, req.getRemoteAddr(), params, e.getMessage());
 }
 }
diff --git a/bundles/org.openhab.core.io.rest.auth/src/main/java/org/openhab/core/io/rest/auth/internal/AuthFilter.java b/bundles/org.openhab.core.io.rest.auth/src/main/java/org/openhab/core/io/rest/auth/internal/AuthFilter.java
index 2d81a6164..05f55dd1e 100644
--- a/bundles/org.openhab.core.io.rest.auth/src/main/java/org/openhab/core/io/rest/auth/internal/AuthFilter.java
+++ b/bundles/org.openhab.core.io.rest.auth/src/main/java/org/openhab/core/io/rest/auth/internal/AuthFilter.java
@@ -22,10 +22,12 @@ import java.util.Map;
 import java.util.Random;
 import javax.annotation.Priority;
+import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.Priorities;
 import javax.ws.rs.container.ContainerRequestContext;
 import javax.ws.rs.container.ContainerRequestFilter;
 import javax.ws.rs.container.PreMatching;
+import javax.ws.rs.core.Context;
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.Response.Status;
 import javax.ws.rs.core.SecurityContext;
@@ -96,7 +98,10 @@ public class AuthFilter implements ContainerRequestFilter {
 private final JwtHelper jwtHelper;
 private final UserRegistry userRegistry;
- private RegistryChangeListener userRegistryListener = new RegistryChangeListener() {
+ @Context
+ private @NonNullByDefault({}) HttpServletRequest servletRequest;
+
+ private RegistryChangeListener userRegistryListener = new RegistryChangeListener<>() {
 @Override
 public void added(User element) {
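Review bot: The `@Context`-injected `servletRequest` field added to `AuthFilter` holds per-request state in a filter that, judging by its `final` collaborators and the registry listener next to it, is probably one shared instance, and no comment explains why that is safe. It is only correct if the JAX-RS runtime injects a request-scoped proxy rather than a concrete request object; otherwise concurrent requests could log each other's addresses. I would document the assumption above the field, for example `// injected by the JAX-RS runtime as a per-request proxy; only read it while filter() is executing`. Note also that `@NonNullByDefault({})` turns off null analysis for this field, which matters for the unguarded dereference in the `@@ -257,7 +262,7 @@` hunk.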
@@ -257,7 +262,7 @@ public class AuthFilter implements ContainerRequestFilter {
 requestContext.setSecurityContext(new AnonymousUserSecurityContext());
 }
 } catch (AuthenticationException e) {
- logger.warn("Unauthorized API request: {}", e.getMessage());
+ logger.warn("Unauthorized API request from {}: {}", servletRequest.getRemoteAddr(), e.getMessage());
 requestContext.abortWith(JSONResponse.createErrorResponse(Status.UNAUTHORIZED, "Invalid credentials"));
 }
 }
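Review bot: `servletRequest.getRemoteAddr()` is dereferenced inside the `catch (AuthenticationException e)` block without a null check, so if the `@Context` field was never injected (for instance when the filter is constructed directly in a test, or by a runtime that does not inject into this provider) a NullPointerException is thrown before `requestContext.abortWith(...)` runs. The request would then presumably end in a server error instead of the intended 401, and the authentication failure itself would go unlogged. A guard keeps the address best-effort: `String remoteAddr = servletRequest != null ? servletRequest.getRemoteAddr() : "unknown";` followed by `logger.warn("Unauthorized API request from {}: {}", remoteAddr, e.getMessage());`. The enclosing method starts outside the hunk, so whether other paths already touch `servletRequest` cannot be seen here.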