FCLT#52431 Informatie in logfiles beperken

svn path=/Website/trunk/; revision=37920

APPL/AUT/Login.inc

@@ -615,7 +615,7 @@ function getIdentity(username, wachtwoord, params)
         if (founddata.count == S("prs_login_attempts") + 1  // Alleen eerste keer loggen
                 || Application("otap_environment") == "O") // Maar altijd op OTAP
         {
-            shared.trackaction("AUTFAI", -1, L("lcl_autfai_toomany").format(founddata.count, S("prs_login_attempts"), username));
+            shared.auditfail(L("lcl_autfai_toomany").format(founddata.count, S("prs_login_attempts"), username));
         }
         result.fail_reason = L("lcl_prs_login_lockout").format(username, toISODateTimeString(dtRetry));
         return result;
@@ -926,7 +926,7 @@ function SecureSSO(ssoProps)
             else
             {   // Automatisch naar het inlogscherm
                 // Geen lcl nodig, deze SSO-variant vervalt (hopelijk) met 2018.1
-                shared.trackaction("AUTFAI", -1, "Secure SSO login niet gevonden binnen Facilitor: " + strDecryptedCode);
+                shared.auditfail("Secure SSO login niet gevonden binnen Facilitor: " + strDecryptedCode);
                 Response.Redirect(rooturl + "/default.asp");
             }
     	}
@@ -1423,7 +1423,7 @@ function process_claim(claim, idp_data, params)
         }
         if (user_key < 0)
         {
-            shared.trackaction("AUTFAI", -1, L("lcl_autfai_loginnotfound").format(idpm.name.name,  idpm.from, claim[idpm.from]));
+            shared.auditfail(L("lcl_autfai_loginnotfound").format(idpm.name.name,  idpm.from, claim[idpm.from]));
         }
         else
             break; // ingelogd, niet verder zoeken

APPL/AUT/login_save.asp

@@ -56,7 +56,7 @@ else
     else
     {
         result.message = ident.fail_reason;
-        shared.trackaction("AUTFAI", -1, L("lcl_autfai_loginfailed").format(nm, result.message));
+        shared.auditfail(L("lcl_autfai_loginfailed").format(nm, result.message));
     }
 }
 Response.Write(JSON.stringify(result));

APPL/AUT/pass2mail_save.asp

@@ -46,7 +46,7 @@ if (oRs.eof)
     // SILENCE! (e-mail harvesting) Response.Write(L("lcl_pass2emailunknown"));
     // Gewoon altijd dezelfde tekst
     result.warning = L("lcl_pass2emailsent") + emailOrLogin;
-    shared.trackaction("AUTFAI", -1, L("lcl_autfai_forgotten").format(emailOrLogin)); // niet gevonden of had geen wachtwoord
+    shared.auditfail(L("lcl_autfai_forgotten").format(emailOrLogin)); // niet gevonden of had geen wachtwoord
 }
 else if ((oRs("prs_perslid_flags").Value & 2) == 2)
     result.warning = L("lcl_self_register_unconfirmed");

APPL/Shared/Common.inc

@@ -272,7 +272,7 @@ if (S("sys_ip_lockmode") > 0)
     if (Session("last_ip") && Session("last_ip") != ip && !IP.inSubnet(Session("last_ip"), ip + "/16"))
     {
         var agent = String(Request.ServerVariables("HTTP_USER_AGENT"));
-        shared.trackaction("AUTFAI", -1, L("lcl_autfai_ipchange").format(Session("last_ip"), ip, agent), "#0ff");
+        shared.auditfail(L("lcl_autfai_ipchange").format(Session("last_ip"), ip, agent), "#0ff");
         // Simuleer logoff
         Session.Contents.Remove("last_ip");
         Session("user_key")=user_key=-1; // geen remove hier, anders grijpt SSO direct weer in

APPL/Shared/Shared.inc

@@ -20,6 +20,13 @@ var shared = {
                 putorders.sendnotifications(pkey, paction);
         },
 
+      auditfail:
+        function (poms)
+        {
+            var sql = "INSERT INTO fac_auditfail (fac_auditfail_tekst) VALUES (" + safe.quoted_sql(poms, 2000) + ")";
+            Oracle.Execute(sql);
+        },
+
       // Keep track of GUI actions, params.daily summarizes per day anonymously
       registeraction:
         function (pgroup, params)