
URL: https://www.javacodegeeks.com/2022/11/logging-failed-and-successful-authentication-attempts-with-springboot.html

Logging Failed and Successful Authentication Attempts with SpringBoot - Java Code Geeks


Introduction

The latest OWASP Top 10 (OWASP Top 10:2021), the well-known standard awareness document for developers and web application security that represents a broad consensus about the most critical security risks to web applications, includes an entry for identification and authentication failures (A07:2021 – Identification and Authentication Failures). Previously known as "Broken Authentication", it refers to the dangers a web application is exposed to through weak authentication implementations. Below I am going to demonstrate the implementation of one of the countermeasures, which is being able to log authentication attempts, whether they are successful or not.

Implementation

In order to avoid boilerplate code I am using Lombok to create the SLF4J logger.

Log Success

The steps are the following:

  1. We create a service that "listens" for the successful logins
  2. Extract the username
  3. Extract the IP address
  4. Log it

For the first step we need to create a component, let's call it AuthenticationSuccessListener, that implements the interface ApplicationListener<AuthenticationSuccessEvent>.

There we will need to autowire an HttpServletRequest in order to get the IP address. The address will either be on this object or, if the request is coming through a proxy, it will be extracted from the X-Forwarded-For header (keep in mind that this header is set by whatever sits in front of the application, so it is only meaningful when a proxy you control populates it).

If we add all that, the code should be something similar to the snippet below.

import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationListener;
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;

@Slf4j
@Component
public class AuthenticationSuccessListener implements ApplicationListener<AuthenticationSuccessEvent> {

    // Spring injects a request-scoped proxy, so this is safe inside a singleton component
    @Autowired
    private HttpServletRequest request;

    @Override
    public void onApplicationEvent(AuthenticationSuccessEvent event) {
        // get the X-Forwarded-For header so that we know if the request is from a proxy
        final String xfHeader = request.getHeader("X-Forwarded-For");
        if (xfHeader == null) {
            // no proxy
            log.error("Successful login attempt for {} from {}", event.getAuthentication().getName(), request.getRemoteAddr());
        } else {
            // from proxy: the first entry is the original client
            log.error("Successful login attempt for {} from {}", event.getAuthentication().getName(), xfHeader.split(",")[0]);
        }
    }
}

You should get a log line similar to

2022-08-17 01:50:42.325 ERROR 81901 --- [io-8080-exec-10] .d.u.m.m.s.AuthenticationSuccessListener : Successful login attempt for alexius from 0:0:0:0:0:0:0:1

Log Failure

  1. We create a service that “listens” for the failed logins
  2. Extract the username
  3. Extract the IP address
  4. Log it

For the first step we need to create a component, let's call it AuthenticationFailureListener, that implements the interface ApplicationListener<AuthenticationFailureBadCredentialsEvent>.

There we will need to autowire an HttpServletRequest in order to get the IP address. The address will either be on this object or, if the request is coming through a proxy, it will be extracted from the X-Forwarded-For header.

import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationListener;
import org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;

@Slf4j
@Component
public class AuthenticationFailureListener implements ApplicationListener<AuthenticationFailureBadCredentialsEvent> {

    // request-scoped proxy injected by Spring
    @Autowired
    private HttpServletRequest request;

    @Override
    public void onApplicationEvent(AuthenticationFailureBadCredentialsEvent event) {
        // get the X-Forwarded-For header so that we know if the request is from a proxy
        final String xfHeader = request.getHeader("X-Forwarded-For");
        if (xfHeader == null) {
            // no proxy: use the peer address of the connection
            log.error("Failed login attempt for {} from {}", event.getAuthentication().getName(), request.getRemoteAddr());
        } else {
            // from proxy: the first entry is the original client
            log.error("Failed login attempt for {} from {}", event.getAuthentication().getName(), xfHeader.split(",")[0]);
        }
    }
}

Once that is in place, a failed login should produce a log line similar to

2022-08-17 02:22:51.377 ERROR 82022 --- [nio-8080-exec-4] .d.u.m.m.s.AuthenticationFailureListener : Failed login attempt for alexius from 0:0:0:0:0:0:0:1
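As an added example (not code from the original article), the two listeners above can be combined into a single component that also covers the failure cases the article does not catch, since AuthenticationFailureBadCredentialsEvent is only one subclass of AbstractAuthenticationFailureEvent (locked, disabled and expired accounts raise siblings of it). It also only honours X-Forwarded-For when the connection comes from a trusted proxy, because any client can send that header itself; the proxy allow-list, the log levels and the class name are assumptions for illustration.

```java
import java.util.Set;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.event.EventListener;
import org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent;
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;

@Slf4j
@Component
public class AuthenticationAuditListener {

    // Hypothetical allow-list of reverse proxies whose X-Forwarded-For we accept.
    // In a real deployment this would come from configuration, not a constant.
    private static final Set<String> TRUSTED_PROXIES = Set.of("127.0.0.1", "10.0.0.5");

    private final HttpServletRequest request;

    // Spring injects a request-scoped proxy here, same as with @Autowired in the article
    public AuthenticationAuditListener(HttpServletRequest request) {
        this.request = request;
    }

    @EventListener
    public void onSuccess(AuthenticationSuccessEvent event) {
        log.info("Successful login for user={} from ip={}",
                event.getAuthentication().getName(), clientIp());
    }

    // AbstractAuthenticationFailureEvent covers bad credentials, locked, disabled and expired accounts
    @EventListener
    public void onFailure(AbstractAuthenticationFailureEvent event) {
        log.warn("Failed login for user={} from ip={} reason={}",
                event.getAuthentication().getName(), clientIp(),
                event.getException().getClass().getSimpleName());
    }

    // Resolve the client address. The header is only trusted when the direct peer
    // is one of our proxies; otherwise the peer address itself is the client.
    private String clientIp() {
        String peer = request.getRemoteAddr();
        String xff = request.getHeader("X-Forwarded-For");
        if (xff == null || !TRUSTED_PROXIES.contains(peer)) {
            return peer;
        }
        // Proxies append to the list, so the left-most entry is the original client
        return xff.split(",")[0].trim();
    }
}
```

With this in place, an attacker locked out after repeated failures shows up with reason=LockedException instead of silently disappearing from the log.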

Published on Java Code Geeks with permission by Alexius Diakogiannis, partner at our JCG program. See the original article here: Logging Failed and Successful Authentication Attempts with SpringBoot


Alexius Diakogiannis
November 19th, 2022 (Last Updated: November 15th, 2022)

Alexius Diakogiannis

Author of JEE.gr, JEE Architect, Scrum Master, Enthusiastic Entrepreneur, Passionate Archer, Linux Lover and JAVA Geek!