Improve user authorization #1944

merged 7 commits into from Mar 18, 2016



bernd commented Mar 17, 2016

  • Fix user name in authorization error log messages and add HTTP verb and path to ease debugging.
  • Do not log a stack trace on authorization error.
  • Disable annoying AbstractValidatingSessionManager INFO warnings in log4j2 config.
  • Fix HTTP status code for authorization errors. (return 403 instead of 401)

@bernd bernd added this to the 2.0.0 milestone Mar 17, 2016

@edmundoa edmundoa self-assigned this Mar 17, 2016

} catch (AuthorizationException e) {"User " + subject + "not authorized.", e);
throw new NotAuthorizedException(e, "Basic realm=\"Graylog Server\"");
final String msg = String.format(Locale.US, "User [%s] not authorized. (%s %s)", userName,
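
Review bot: The values formatted into msg by the String.format call (userName and the two remaining %s arguments, cut off in this view, which the description says are the HTTP verb and path) originate from the request, so a CR or LF in a decoded path or user name can forge extra entries in the authorization log. Escape or strip line breaks and other control characters in those arguments before building the message, and keep the square brackets around the user name so an empty or padded name stays visible. Also check the NotAuthorizedException line: its "Basic realm" challenge belongs to a 401 response, so with the switch to 403 stated in the description no WWW-Authenticate header should remain on the authorization-failure path.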


edmundoa Mar 18, 2016


Just wondering: why do we need to use String.format for this?


bernd Mar 18, 2016


I just wanted to avoid using + to concatenate lots of strings. 😉



edmundoa commented Mar 18, 2016


edmundoa added a commit that referenced this pull request Mar 18, 2016

@edmundoa edmundoa merged commit e4f1b51 into master Mar 18, 2016

4 checks passed

ci-server-integration Jenkins build graylog2-server-integration-pr 746 has succeeded
ci-web-linter Jenkins build graylog-pr-linter-check 236 has succeeded
continuous-integration/travis-ci/pr The Travis CI build passed
continuous-integration/travis-ci/push The Travis CI build passed

@edmundoa edmundoa deleted the improve-user-authentication branch Mar 18, 2016
