Hi all, Thank you for your suggestions. So when the signature validations exceptions are catched it's better to be logged as debug log with exceptions and warning log without exceptions.
Thanks. On Fri, Jul 28, 2017 at 2:38 PM, Ruwan Abeykoon <[email protected]> wrote: > Hi all, > > We log full trace in debug/error levels, but no trace in warn/info levels. > > e.g. > > catch (IdentitySAML2SSOException e) { > if (log.isDebugEnabled()) { > log.debug("Signature validation failed for the SAML Message : Failed > to construct the X509CredentialImpl for the alias : " + alias, e); > } > > log.warn("Signature validation failed for the SAML Message : Failed to > construct the X509CredentialImpl for the alias " + > alias); > return false; > > } > > > On Fri, Jul 28, 2017 at 1:40 PM, Rushmin Fernando <[email protected]> > wrote: > >> +1 for using warning message without the stack trace. But we have to add >> as much as context info to the log so that the life will be easier when >> coming to support front. >> >> On Fri, Jul 28, 2017 at 1:30 PM, Isura Karunaratne <[email protected]> >> wrote: >> >>> Hi Sugirjan, >>> >>> +1 for the warning message without printing the exception trace. We can >>> add exception trace as a debug log. >>> >>> Thanks >>> Isura. >>> >>> On Thu, Jul 20, 2017 at 6:47 PM, Sugirjan Ragunaathan <[email protected] >>> > wrote: >>> >>>> Hi, >>>> >>>> I'm working on the WSO2 public JIRA issue $subject [1]. >>>> >>>> In the Source code [2], when the SAML2 signature is validated and if >>>> validation exception is catched, then the exception is logged as well as >>>> debug message. >>>> >>>> } catch (ValidationException e) { >>>> if (log.isDebugEnabled()) { >>>> log.debug("SAML Signature validation failed from domain : " + >>>> domainName, e); >>>> } >>>> } >>>> >>>> >>>> In the Source code [3], if validation exception is catched, then the >>>> exception is logged as a warning message not as a debug message. >>>> >>>> } catch (IdentitySAML2SSOException e) { >>>> log.warn("Signature validation failed for the SAML Message : Failed to >>>> construct the X509CredentialImpl for the alias " + >>>> alias, e); >>>> return false; >>>> } >>>> >>>> What is the best implementation way for handling this exception? >>>> >>>> [1]Better if only warning is shown for signature verification failures >>>> (not the whole exception) <https://wso2.org/jira/browse/IDENTITY-3355> >>>> >>>> [2]https://github.com/wso2-extensions/identity-carbon-auth-s >>>> aml2/blob/v5.2.3/components/org.wso2.carbon.identity.authent >>>> icator.saml2.sso/src/main/java/org/wso2/carbon/identity/auth >>>> enticator/saml2/sso/SAML2SSOAuthenticator.java#L509 >>>> >>>> [3]https://github.com/wso2-extensions/identity-inbound-auth- >>>> saml/blob/v5.3.0/components/org.wso2.carbon.identity.sso.sam >>>> l/src/main/java/org/wso2/carbon/identity/sso/saml/util/SAMLS >>>> SOUtil.java#L882 >>>> >>>> Thanks. >>>> >>>> Regards, >>>> *R. Sugirjan* >>>> Software Engineering - Intern | WSO2 >>>> >>>> Email: [email protected] >>>> Mobile: +94768489892 <+94%2076%20848%209892> >>>> <http://wso2.com/signature> >>>> >>> >>> >>> >>> -- >>> >>> *Isura Dilhara Karunaratne* >>> Senior Software Engineer | WSO2 >>> Email: [email protected] >>> Mob : +94 772 254 810 <+94%2077%20225%204810> >>> Blog : http://isurad.blogspot.com/ >>> >>> >>> >>> >> >> >> -- >> *Best Regards* >> >> *Rushmin Fernando* >> *Technical Lead* >> >> WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware >> >> mobile : +94775615183 >> >> >> > > > -- > > *Ruwan Abeykoon* > *Associate Director/Architect**,* > *WSO2, Inc. http://wso2.com <https://wso2.com/signature> * > *lean.enterprise.middleware.* > > regards, *R. Sugirjan* Software Engineering - Intern | WSO2 Email: [email protected] Mobile: +94768489892 <http://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
