From b28e781c50df79ceeb97c48ba171e1e66461cc7b Mon Sep 17 00:00:00 2001 From: "Zaiming (Stone) Shi" Date: Thu, 28 Sep 2023 18:37:11 +0200 Subject: [PATCH] fix(ldap-sso): do not log error level when invalid user credentials --- apps/emqx_dashboard_sso/src/emqx_dashboard_sso_ldap.erl | 4 +++- apps/emqx_ldap/src/emqx_ldap.erl | 2 +- apps/emqx_ldap/src/emqx_ldap_bind_worker.erl | 4 +++- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/apps/emqx_dashboard_sso/src/emqx_dashboard_sso_ldap.erl b/apps/emqx_dashboard_sso/src/emqx_dashboard_sso_ldap.erl index dd354a007..5591d4f1e 100644 --- a/apps/emqx_dashboard_sso/src/emqx_dashboard_sso_ldap.erl +++ b/apps/emqx_dashboard_sso/src/emqx_dashboard_sso_ldap.erl @@ -131,8 +131,10 @@ login( {bind, Entry#eldap_entry.object_name, Sign} ) of - ok -> + {ok, #{result := ok}} -> ensure_user_exists(Username); + {ok, #{result := invalidCredentials} = Reason} -> + {error, Reason}; {error, _} = Error -> Error end; diff --git a/apps/emqx_ldap/src/emqx_ldap.erl b/apps/emqx_ldap/src/emqx_ldap.erl index 66ce11e20..394687bc5 100644 --- a/apps/emqx_ldap/src/emqx_ldap.erl +++ b/apps/emqx_ldap/src/emqx_ldap.erl @@ -249,7 +249,7 @@ do_ldap_query( #{pool_name := PoolName} = State ) -> LogMeta = #{connector => InstId, search => SearchOptions, state => emqx_utils:redact(State)}, - ?TRACE("QUERY", "ldap_connector_received", LogMeta), + ?TRACE("QUERY", "ldap_connector_received_query", LogMeta), case ecpool:pick_and_do( PoolName, diff --git a/apps/emqx_ldap/src/emqx_ldap_bind_worker.erl b/apps/emqx_ldap/src/emqx_ldap_bind_worker.erl index 27310c7ff..e3605f523 100644 --- a/apps/emqx_ldap/src/emqx_ldap_bind_worker.erl +++ b/apps/emqx_ldap/src/emqx_ldap_bind_worker.erl @@ -80,7 +80,9 @@ on_query( ldap_connector_query_return, #{result => ok} ), - ok; + {ok, #{result => ok}}; + {error, invalidCredentials} -> + {ok, #{result => invalidCredentials}}; {error, Reason} -> ?SLOG( error,