Skip to content

improve uba_audit logging

Pavlo Mashliakovskiy requested to merge fix/securityExceptionLogging into master
  • throws a <<<ubErrElsInvalidUserOrPwd>>> instead of <<<Access deny>>> in case of invalid user name or password during login
  • uba_audit will contain a target username for LOGIN_FAILS action instead of empty string (retrieved from new property Session.pendingUserName)
  • uba_audit SECURITY_VIOLATION will contain a target username even in case login is in pending state (before it was empty)

Merge request reports

Loading