feature #31554 [SECURITY] AbstractAuthenticationListener.php error instead info. Rebase of #28462 (berezuev)

fabpot · fabpot · commit 87a6f0440931 · 2019-07-08T11:56:07.000+02:00
This PR was merged into the 4.4 branch. Discussion ---------- [SECURITY] AbstractAuthenticationListener.php error instead info. Rebase of #28462 | Q | A | ------------- | --- | Branch? | 4.4 | -- | -- | Bug fix? | yes | New feature? | no | BC breaks? | no I think | Deprecations? | no | Tests pass? | yes | Fixed tickets | ... | License | MIT Rebase of #28462. Origin description: > ``` > [2018-09-13 20:43:38] security.INFO: Authentication request failed. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AuthenticationServiceException(code: 0): An exception occurred while executing > ... > Doctrine\\DBAL\\Driver\\PDOException(code: 42S22): SQLSTATE[42S22]: Column not found: 1054 Unknown column 't0.phone' in 'field list' at > ``` > > Definitely I think this is NOT info, but error. > And since it's info, it's not logged in production because of `fingers_crossed` with `action_level: error` - so to actually see the real error behind `Authentication request could not be processed due to a system problem.` I had to debug on production. Very bad practice IMHO. Commits ------- 867eb78 [SECURITY] AbstractAuthenticationListener.php error instead info. Rebase of #28462
diff --git a/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
@@ -176,7 +176,7 @@ abstract protected function attemptAuthentication(Request $request);
     private function onFailure(Request $request, AuthenticationException $failed)
     {
         if (null !== $this->logger) {
-            $this->logger->info('Authentication request failed.', ['exception' => $failed]);
+            $this->logger->error('Authentication request failed.', ['exception' => $failed]);
         }
 
         $token = $this->tokenStorage->getToken();

Original file line number	Diff line number	Diff line change
`@@ -176,7 +176,7 @@ abstract protected function attemptAuthentication(Request $request);`
`176`	`176`	`private function onFailure(Request $request, AuthenticationException $failed)`
`177`	`177`	`{`
`178`	`178`	`if (null !== $this->logger) {`
`179`		`- $this->logger->info('Authentication request failed.', ['exception' => $failed]);`
	`179`	`+ $this->logger->error('Authentication request failed.', ['exception' => $failed]);`
`180`	`180`	`}`
`181`	`181`
`182`	`182`	`$token = $this->tokenStorage->getToken();`