Determining Which Application a User is Logging in From
Platform Notice: Server and Data Center Only - This article only applies to Atlassian products on the server and data center platforms.
A user is attempting to log in over and over with invalid credentials. This is probably an automated process, and needs to be found. We don't even know which application they are trying to log in to.
The following appears in the
2018-05-23 16:17:29,037 http-nio-8095-exec-15 INFO [crowd.manager.application.ApplicationServiceGeneric] Invalid credentials for user baduser in directory Support Crowd server (131073), aborting
We can enable some additional logging that will show which connected Application the user is attempting to log in from.
On the Logging and Profiling page in Crowd, add DEBUG logging for the following package:
Next time the user attempts to log in, there will be an additional message showing which application they came from:
2018-05-23 16:19:47,524 http-nio-8095-exec-17 DEBUG [crowd.manager.application.ApplicationServiceGeneric] Trying to authenticate user baduser in directory Support Crowd server (131073) for application confluence663