You want to look at authentication handlers, and the ones you are after typically extend this: https://github.com/Jasig/cas/blob/master/cas-server-core/src/main/java/org /jasig/cas/authentication/handler/support/AbstractUsernamePasswordAuthenti cationHandler.java
...and yes. It requires a little bit of coding. -Misagh > -----Original Message----- > From: bruiser [mailto:[email protected]] > Sent: Thursday, September 20, 2012 11:05 PM > To: [email protected] > Subject: [cas-dev] I would like see WHY a credential is considered bad in > audit log > > Hello All -- > > I have the CAS (3.5) inspektr audits logging to a file. I have been given a > requirement to show the WHY a credential is considered bad; i.e. either a bad > username or a bad password. I see in the server source what look like > applicable exceptions, such as the BadPasswordAuthenticationException and the > UnknownUsernameAuthenticationException, but I do not see where these are ever > thrown. > > Given this, where should I be looking in order to log the why of an > authentication credentials failure? I presume it will take a code change as I > do not see any declarative way of doing what I am after. Let me know what you > think. > > Thanks for a great application. It's been a real pleasure to work with so > far. > > Peace. > > > > -- > View this message in context: http://jasig.275507.n4.nabble.com/I-would-like- > see-WHY-a-credential-is-considered-bad-in-audit-log-tp4656295.html > Sent from the CAS Developers mailing list archive at Nabble.com. > > -- > You are currently subscribed to [email protected] as: > [email protected] To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
