search

djoos / EscapeWSSEAuthenticationBundle

Symfony bundle to implement WSSE authentication
http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html
137 stars 59 forks source link

AuthenticationException log level #59

Closed VincentChalnot closed 9 years ago

VincentChalnot commented 9 years ago

Hello ! We had this webserver were the date was slightly in the past (4 minutes): the API kept returning 401 Unauthorized errors and there was absolutely no trace of the calls in the production log. In debug mode I found this: "Future token detected" which actually made sens but was logged with a "debug" level. I tried to figure out why no error was logged and I found this:

Escape\WSSEAuthenticationBundle\Security\Http\EntryPoint\EntryPoint:32

if($ae instanceof AuthenticationException)
{
    $this->logger->debug($ae->getMessage());
}

It seems to me that the criticality of the AuthenticationExceptions was a little bit underestimated (documentation) and should be at least a Warning.

Thanks for your awesome bundles by the way :)

djoos commented 9 years ago

Hi @VincentChalnot,

thanks for getting in touch!

Ok, your comment definitely makes sense... I've just upped the log level (5bb366e0e93dce689dae76436b0c43024b3ea0b8) and will be releasing 2.0.1 shortly...

Hope this helps!

Kind regards, David