Improved: LoginServices.userLogin: Respond "fail" instead of "error" to

avoid the (automatic service engine) logging of a stack trace on
missing/invalid credentials (OFBIZ-10507)

framework/common/src/main/java/org/apache/ofbiz/common/login/LoginServices.java

@@ -20,6 +20,7 @@
 package org.apache.ofbiz.common.login;
 
 import java.sql.Timestamp;
+import java.util.ArrayList;
 import java.util.Calendar;
 import java.util.LinkedHashMap;
 import java.util.LinkedList;
@@ -81,6 +82,11 @@ public static Map<String, Object> userLogin(DispatchContext ctx, Map<String, ?>
  Locale locale = (Locale) context.get("locale");
  Delegator delegator = ctx.getDelegator();
 
+ // Keep track of two different kinds of errors (UserOnly and DebugLog) and set the RESPONSE_MESSAGE of the
+ // service according to what kind of errors where thrown
+ List<String> userErrMsgs = new ArrayList<>();
+ List<String> debugErrMsgs = new ArrayList<>();
+
  // load the external auth modules -- note: this will only run once and cache the objects
  if (!AuthHelper.authenticatorsLoaded()) {
  AuthHelper.loadAuthenticators(dispatcher);
@@ -120,11 +126,10 @@ public static Map<String, Object> userLogin(DispatchContext ctx, Map<String, ?>
  // get the visitId for the history entity
  String visitId = (String) context.get("visitId");
 
- String errMsg = "";
  if (UtilValidate.isEmpty(username)) {
- errMsg = UtilProperties.getMessage(RESOURCE, "loginservices.username_missing", locale);
+ userErrMsgs.add(UtilProperties.getMessage(RESOURCE, "loginservices.username_missing", locale));
  } else if (UtilValidate.isEmpty(password) && UtilValidate.isEmpty(jwtToken)) {
- errMsg = UtilProperties.getMessage(RESOURCE, "loginservices.password_missing", locale);
+ userErrMsgs.add(UtilProperties.getMessage(RESOURCE, "loginservices.password_missing", locale));
  } else {
 
  if ("true".equalsIgnoreCase(EntityUtilProperties.getPropertyValue("security", "username.lowercase", delegator))) {
@@ -275,9 +280,9 @@ public static Map<String, Object> userLogin(DispatchContext ctx, Map<String, ?>
  Debug.logInfo("[LoginServices.userLogin] : Password Incorrect", MODULE);
  // password invalid...
  if (password != null) {
- errMsg = UtilProperties.getMessage(RESOURCE, "loginservices.password_incorrect", locale);
+ userErrMsgs.add(UtilProperties.getMessage(RESOURCE, "loginservices.password_incorrect", locale));
  } else if (jwtToken != null) {
- errMsg = UtilProperties.getMessage(RESOURCE, "loginservices.token_incorrect", locale);
+ userErrMsgs.add(UtilProperties.getMessage(RESOURCE, "loginservices.token_incorrect", locale));
  }
  // increment failed login count
  Long currentFailedLogins = userLogin.getLong("successiveFailedLogins");
@@ -400,28 +405,33 @@ public static Map<String, Object> userLogin(DispatchContext ctx, Map<String, ?>
  continue;
  }
  Map<String, Object> messageMap = UtilMisc.<String, Object>toMap("username", username);
- errMsg = UtilProperties.getMessage(RESOURCE, "loginservices.account_for_user_login_id_disabled", messageMap, locale);
+ userErrMsgs.add(UtilProperties.getMessage(RESOURCE, "loginservices.account_for_user_login_id_disabled", messageMap, locale));
+ StringBuilder tmpErrMsg = new StringBuilder();
  if (disabledDateTime != null) {
  messageMap = UtilMisc.<String, Object>toMap("disabledDateTime", disabledDateTime);
- errMsg += " " + UtilProperties.getMessage(RESOURCE, "loginservices.since_datetime", messageMap, locale);
+ tmpErrMsg.append(" ");
+ tmpErrMsg.append(UtilProperties.getMessage(RESOURCE, "loginservices.since_datetime", messageMap, locale));
  } else {
- errMsg += ".";
+ tmpErrMsg.append(".");
  }
 
  if (loginDisableMinutes > 0 && reEnableTime != null) {
  messageMap = UtilMisc.<String, Object>toMap("reEnableTime", reEnableTime);
- errMsg += " " + UtilProperties.getMessage(RESOURCE, "loginservices.will_be_reenabled", messageMap, locale);
+ tmpErrMsg.append(" ");
+ tmpErrMsg.append(UtilProperties.getMessage(RESOURCE, "loginservices.will_be_reenabled", messageMap, locale));
  } else {
- errMsg += " " + UtilProperties.getMessage(RESOURCE, "loginservices.not_scheduled_to_be_reenabled", locale);
+ tmpErrMsg.append(" ");
+ tmpErrMsg.append(UtilProperties.getMessage(RESOURCE, "loginservices.not_scheduled_to_be_reenabled", locale));
  }
+ userErrMsgs.add(tmpErrMsg.toString());
  }
  } else {
  // no userLogin object; there may be a non-syncing authenticator
  boolean externalAuth = false;
  try {
  externalAuth = AuthHelper.authenticate(username, password, isServiceAuth);
  } catch (AuthenticatorException e) {
- errMsg = e.getMessage();
+ debugErrMsgs.add(e.getMessage());
  Debug.logError(e, "External Authenticator had fatal exception : " + e.getMessage(), MODULE);
  }
  if (externalAuth) {
@@ -436,16 +446,33 @@ public static Map<String, Object> userLogin(DispatchContext ctx, Map<String, ?>
  // TODO: party + security information is needed; Userlogin will need to be stored
  } else {
  // userLogin record not found, user does not exist
- errMsg = UtilProperties.getMessage(RESOURCE, "loginservices.user_not_found", locale);
+ String errMsg = UtilProperties.getMessage(RESOURCE, "loginservices.user_not_found", locale);
+ userErrMsgs.add(errMsg);
  Debug.logInfo("[LoginServices.userLogin] Invalid User : '" + username + "'; " + errMsg, MODULE);
  }
  }
  }
  }
 
- if (!errMsg.isEmpty()) {
+ if (debugErrMsgs.size() > 0) {
+ result.put(ModelService.RESPONSE_MESSAGE, ModelService.RESPOND_ERROR);
+ } else if (userErrMsgs.size() > 0) {
  result.put(ModelService.RESPONSE_MESSAGE, ModelService.RESPOND_FAIL);
- result.put(ModelService.ERROR_MESSAGE, errMsg);
+ }
+ // if a technical error occurred then log all error message
+ List<String> messages = new ArrayList<>();
+ if (!debugErrMsgs.isEmpty()) {
+ messages.add(String.join(" / ", debugErrMsgs));
+ }
+ if (!userErrMsgs.isEmpty()) {
+ messages.add(String.join(" / ", userErrMsgs));
+ }
+ String allErrMsg = null;
+ if (!messages.isEmpty()) {
+ allErrMsg = String.join(" / ", messages);
+ }
+ if (allErrMsg != null) {
+ result.put(ModelService.ERROR_MESSAGE, allErrMsg);
  }
  return result;
  }