collective / Products.LoginLockout

Prevents endless login attempts in Plone, making it more secure.
https://pypi.python.org/pypi/Products.LoginLockout

0.4.1.dev0 install issue prevents recording login attempts #22

Closed odalton closed 3 years ago

odalton commented 6 years ago

Plone site running: Plone 5.0.8 (5018) CMF 2.2.10 Zope 2.13.26 Python 2.7.13 (default, Mar 27 2017, 19:54:58) [GCC 4.8.5] PIL 3.3.0 (Pillow)

Description: The LLO table that shows the users' details and the number of login attempts is not visible in the admin UI. No errors in the FG console or when the product is installed. Tested on a buildout running RelStorage and without RelStorage.

from Products.CMFCore.utils import getToolByName

def listGroupedAttempts(self):
    """Return attempts but grouped
    (plone_members, non_plone_members)
    """
    mt = getToolByName(self, 'portal_membership')
    memberIds = mt.listMemberIds()
    # memberIds = ['oliver.dalton'] and this user has > 3 failed attempts.
    all_loggin_tries = self._getPlugin().listAttempts()
    # all_loggin_tries = [], this is returning an empty list

djay commented 6 years ago

Are you able to create a failing test? We can't reproduce this issue. The attempts history seems to be working fine in both the functional tests and local manual testing.

djay commented 6 years ago

The plugin relies on the current order of PAS plugins as outlined in the readme. Have you checked that is correct?

odalton commented 6 years ago

Hi @djay, I'm not sure where to start when it comes to writing a failing test. However, I ran your debug steps from the readme and noticed this. In your example, the credentials_basic_auth is not present.

This is a default plone 5 site with no other addons installed apart from the LLO.

pas = app.acl_users
registry = pas.plugins
interface = registry._getInterfaceFromName('IChallengePlugin')
registry.listPlugins(interface)
[('credentials_basic_auth', <HTTPBasicAuthHelper at /acl_users/credentials_basic_auth>), ('login_lockout_plugin', <LoginLockout at /acl_users/login_lockout_plugin>)]

pas = app.getPhysicalRoot().acl_users
registry = pas.plugins
interface = registry._getInterfaceFromName('IAnonymousUserFactoryPlugin')
registry.listPlugins(interface)
[('login_lockout_plugin', <LoginLockout at /acl_users/login_lockout_plugin>)]


djay commented 6 years ago

@odalton there are two plugins installed. One in your Plone site and one in the root of your Zope instance. I assume both screenshots are for the Plone plugin, not the root Zope. You can see that the challenge plugin is not last on the list as it's supposed to be. I will make the instructions clearer. How did you install it to get it so that the plugin is not last? Did you reinstall anything on top? I might have to think of ways to ensure the plugins are always in the right order.

djay commented 6 years ago

Sorry, I meant the challenge plugin should be at the top. Your code sample shows it at the bottom and your screenshot shows it at the top, so it's unclear what is going on.

odalton commented 6 years ago

@djay - I was moving the order through the UI in an attempt to make it shift to the 1st position in the Challenge Plugin list. However, as you noticed, I was doing this on my site's acl_users Challenge Plugin and not the Zope's Challenge Plugin. Updating this made the plugin work right away. Thanks for your help.

djay commented 6 years ago

@odalton so the problem was that it wasn't the top plugin for Challenge in the root?

djay commented 6 years ago

because the current installer doesn't ensure the root plugin is the top challenge plugin so that is a bug

djay commented 6 years ago

@odalton looking at the code I can't see how the order of the challenge plugin on the root of Zope would make a difference to recording incorrect logins. Can you confirm that is really what made the plugin work?

djay commented 6 years ago

I suspect the problem was with the root IAnonymousUserFactoryPlugin. That is what records the attempts.
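As an added example (not Products.LoginLockout's own code) of the check this thread converges on, the script below audits a PAS acl_users for the ordering djay describes: login_lockout_plugin first among the IChallengePlugin entries and active as an IAnonymousUserFactoryPlugin in the Zope root. The function and constant names are mine; the constructed sample data mirrors the listPlugins output odalton posted.

```python
LOCKOUT_ID = "login_lockout_plugin"  # plugin id as it appears in the thread

# Interface -> position the thread says the lockout plugin must hold in the
# Zope root acl_users: first for IChallengePlugin (djay's "top" requirement),
# present for IAnonymousUserFactoryPlugin (the plugin that records attempts).
REQUIREMENTS = {
    "IChallengePlugin": "first",
    "IAnonymousUserFactoryPlugin": "present",
}


def collect_listings(pas):
    """Read active plugin ids per interface from a live PAS acl_users object,
    using the same registry calls odalton ran in the debug session."""
    registry = pas.plugins
    listings = {}
    for iface_name in REQUIREMENTS:
        iface = registry._getInterfaceFromName(iface_name)
        listings[iface_name] = [pid for pid, _obj in registry.listPlugins(iface)]
    return listings


def audit_lockout_order(listings, where):
    """Return findings for one acl_users. `listings` maps interface name to the
    ordered list of active plugin ids; `where` labels the acl_users."""
    findings = []
    for iface_name, need in REQUIREMENTS.items():
        ids = listings.get(iface_name, [])
        if LOCKOUT_ID not in ids:
            findings.append("%s: %s not active for %s"
                            % (where, LOCKOUT_ID, iface_name))
        elif need == "first" and ids[0] != LOCKOUT_ID:
            findings.append("%s: %s is at position %d for %s, must be first"
                            % (where, LOCKOUT_ID, ids.index(LOCKOUT_ID) + 1,
                               iface_name))
    return findings


# Constructed sample mirroring the listPlugins output odalton posted for the
# root acl_users: credentials_basic_auth challenges before login_lockout_plugin.
ROOT_LISTINGS = {
    "IChallengePlugin": ["credentials_basic_auth", LOCKOUT_ID],
    "IAnonymousUserFactoryPlugin": [LOCKOUT_ID],
}

if __name__ == "__main__":
    # In a live instance: audit_lockout_order(collect_listings(app.acl_users), "zope root")
    for finding in audit_lockout_order(ROOT_LISTINGS, "zope root"):
        print(finding)
```

Run it from `bin/instance debug` against both `app.acl_users` and the site's `acl_users` to see which registry is misordered.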