Logging of login attemts
-
How can I log the login attemts of users in nginx/apache logs? I like to see the usernames who are logging in like in the z-push logins.
Thanks!
Klaus -
@klausf Failed attempt can be seen in the apache error log
Kopano WebApp user: klausf: authentication failure at MAPI, referer: https://someurl/?logon -
@marty Thank you for your quick reply. Yes, fine, thanks for the hint! Is it possible to configure webapp to log successful logins with the username?
-
You cannot configure it, but you can add a line to the php code.
For example here:
https://stash.kopano.io/projects/KW/repos/kopano-webapp/browse/server/includes/core/class.webappauthentication.php#173 -
@marty Great, works fine! Thank you for finding the line number for me!
It would be nice to have a config.php variable to enable success logging for future versions.if (WebAppAuthentication::$_errorCode === NOERROR ) { WebAppAuthentication::$_authenticated = true; // Print success message to error_log of webserver error_log('Kopano WebApp user: ' . $username . ': authentication success at MAPI'); WebAppAuthentication::_storeMAPISession(WebAppAuthentication::$_mapiSession->getSession()); } elseif ( WebAppAuthentication::$_errorCode == MAPI_E_LOGON_FAILED || WebAppAuthentication::$_errorCode == MAPI_E_UNCONFIGURED ) { // Print error message to error_log of webserver error_log('Kopano WebApp user: ' . $username . ': authentication failure at MAPI'); -
Hi all,
I cam from this thread here and I am also interested in getting the succeeded logins. Can anyone explain to me please, how I can implement this in the class.webappauthentication.php and how to compile and make the change effective?
thank you in advance.
-
anyone can explain to a non-developer how to implement this “patch” so I can get have logged the succeeded logins, too?
BTW: I’m also interested in a solution to see successful “mailbox attaches” in the log file. Is that possible, too? For example: when Alice attaches successfully the mailbox of Bob into her account.
thanks in advance.
-
Several ways, one way would be to open the file /usr/share/kopano-webapp/server/includes/core/class.webappauthentication.php with vi/vim, and around line 172, the one that says “WebAppAuthentication::$_authenticated = true;”, just add this line right after that one:
error_log('Kopano WebApp user: ’ . $username . ‘: authentication success at MAPI’);You should then in your /var/log/apache2/error.log see something like this:
[:error] [pid XXX] [client XXXXXXXXX:XXXX] Kopano WebApp user: username: authentication success at MAPINote that this file will be replaced whenever there is a new version of kopano-webapp being installed, so another way would be to use dpkg-divert, if you are on debian, or just remember to do it manually every time a new version of kopano-webapp
-
I’ve made a ticket: https://jira.kopano.io/browse/KW-3375
and added a small fix, hidden behind a new config option, because not everyone wants this enabled by default. -
@klausade
Thanks for that helpful information. Your line showed backticks instead the apostrophe, I had to correct the line:error_log('Kopano WebApp user: ' . $username . ': authentication success at MAPI');Now my “/usr/share/kopano-webapp/server/includes/core/class.webappauthentication.php” looks like that:
if (WebAppAuthentication::$_errorCode === NOERROR ) { WebAppAuthentication::$_authenticated = true; error_log('Kopano WebApp user: ' . $username . ': authentication success at MAPI');and I get successfully the message logged as you explained. Great!
@marty said in Logging of login attemts:
I’ve made a ticket: https://jira.kopano.io/browse/KW-3375
and added a small fix, hidden behind a new config option, because not everyone wants this enabled by default.thank you Marty. It would be nice to have the option to specify a separate logfile for succeeded or failed logins which one could use for post-analyzing procedures (security measurements).
Now I still wonder if it’s possible to get succeeded attaches of a shared mailbox. Will that work somehow similar ?
