[
https://issues.apache.org/jira/browse/OFBIZ-10507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16572861#comment-16572861 ]
Deepak Dixit commented on OFBIZ-10507:
--------------------------------------
Also we can have two type of generic message, In this case CSR or admin user can identify based on message.
* if username/password incorrect or user not exits, (Username and/or password incorrect)
* if user account is disabled, (There was a problem with your request. Please try again later)
These are some example, we can have much better error message for this use case :)
> LoginServices.userLogin: Respond "fail" instead of "error" to avoid the (automatic service engine) logging of a stack trace on missing/invalid credentials
> ----------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: OFBIZ-10507
> URL:
https://issues.apache.org/jira/browse/OFBIZ-10507> Project: OFBiz
> Issue Type: Improvement
> Components: framework
> Reporter: Benjamin Jugl
> Assignee: Benjamin Jugl
> Priority: Minor
> Attachments: OFBIZ-10507_org.apache.ofbiz.common.login.LoginServices.patch
>
>
> There are a lot of login-related entries in the logfile, that stem from user related errors (like no or wrong password, user not found and so on). To reduce this, the patch introduces a distinction between ERROR messages and FAIL messages in the Service-Result.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
Locked
