I had run into this same issue with an unrelated Acegi app
that I
designed about 18 months ago. Unfortunately, Acegi captures
Exceptions
(and in Spring/Acegi fashion, this includes
RuntimeExceptions) and logs
all authentication events (success, failure, errors) as
warnings. This
is probably why you (Roller) set the Acegi logging level to
ERROR. We
have to either log too much stuff, like successful logins,
or we ignore
Acegi authentication system level errors (this is the
definition of
AuthenticationFailureServiceExceptionEvent, which we are
getting a
subclass of in this case).
I think that the Acegi code should use at least two
different commons
logging levels depending on source exception type, but I'm
not using my
time to pursue that. I doubt they would change this, due to
impact on
stable apps that have expectations about what and where auth
stuff gets
logged now.
Anil Gangolli wrote:
>
> I agree. Was there any Roller code in the stack at the
point where
> the exception is still distinguishable? If so, I'd
like to at least
> add a log message. --a.
>
> ----- Original Message ----- From: "Blaine
Simpson"
> <blaine.simpson admc.com>
> To: <roller-devincubator.apache.org>
> Sent: Sunday, December 24, 2006 3:09 PM
> Subject: Re: logins failing with no diagnostics
>
>
>> Disregard request. Problem was due to Acegi not
using the Hibernate
>> schema setting.
>>
>> Would have been very simple to diagnose if the SQL
exception (for
>> missing table, due to the schema being wrong) were
logged as an error
>> instead of being handled as if it were an expected
authentication
>> failure.
>>
>
--
Cell: 703-944-9317
|