I'm in the process of getting a Linux server running with nginx installed for a reverse proxy to manage a few sites. Anyways I would like to have a script run to monitor the access.log in nginx and look for any 401 errors, basically a failed log in attempt. This way I could setup my own type of notification. However when there is a failed log in attempt in Sab it doesn't throw a 401 error in the http headers. I figure it would be easier for you developers to show a 401 in the http header than to actually build in a failed log in attempt into Sab.
I've only found 1 other thread on this request - https://forums.sabnzbd.org/viewtopic.ph ... pts#p26289
Anyways I think this would be a nice feature to have showing a 401 error if there is a failed log in. I was using fiddler and all failed log ins just kept showing 200 OK's.
Thanks!
Show 401 on failed login attempt
Re: Show 401 on failed login attempt
We use the "basic authentication" protocol which is something
between the web framework and the browser.
Not much we can do about it, although we will be looking at a different login method in the future.
between the web framework and the browser.
Not much we can do about it, although we will be looking at a different login method in the future.
Re: Show 401 on failed login attempt
Oh ok, would there be any other way to see if there was an invalid log in attempt? Is anything stored into a log file?
Re: Show 401 on failed login attempt
You could enable web logging (start with option -w1 once).
Initial logins are logged as:
Correct accesses as:
The first log line also appears when asking for the username/password for the first time.
The first element is the IP that sends the request.
Depending on the platform, the info is logged in the regular sabnzbd.log files or cherrypy.log or not at all (OSX).
Web logging is a bit of a mess, because we never saw much use for it and considered it
more as a nuisance coming from the CherryPy framework.
Initial logins are logged as:
Code: Select all
127.0.0.1 - - [29/Aug/2012:22:44:49] "GET /sabnzbd HTTP/1.1" 401 169
Code: Select all
127.0.0.1 - pass [29/Aug/2012:22:45:24] "GET /sabnzbd HTTP/1.1" 303 97 The first element is the IP that sends the request.
Depending on the platform, the info is logged in the regular sabnzbd.log files or cherrypy.log or not at all (OSX).
Web logging is a bit of a mess, because we never saw much use for it and considered it
more as a nuisance coming from the CherryPy framework.
Re: Show 401 on failed login attempt
Thanks for the help Shypike!
Re: Show 401 on failed login attempt
0.7.4 will be logging this text in the regular log files:
The web logging will not be fixed, that will have to wait until we upgrade CherryPy.
Code: Select all
Attempt to login with wrong credentials from <ip-address>Re: Show 401 on failed login attempt
Ok, thanks for checking