Determining Which Application a User is Logging in From
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Problem
A user is attempting to log in over and over with invalid credentials. This is probably an automated process, and needs to be found. We don't even know which application they are trying to log in to.
The following appears in the atlassian-crowd.log
2018-05-23 16:17:29,037 http-nio-8095-exec-15 INFO [crowd.manager.application.ApplicationServiceGeneric] Invalid credentials for user baduser in directory Support Crowd server (131073), aborting
Solution
We can enable some additional logging that will show which connected Application the user is attempting to log in from.
On the Logging and Profiling page in Crowd, add DEBUG logging for the following package:
com.atlassian.crowd.manager.application.ApplicationServiceGeneric
Next time the user attempts to log in, there will be an additional message showing which application they came from:
2018-05-23 16:19:47,524 http-nio-8095-exec-17 DEBUG [crowd.manager.application.ApplicationServiceGeneric] Trying to authenticate user baduser in directory Support Crowd server (131073) for application confluence663