diff --git a/APPL/AUT/Login.inc b/APPL/AUT/Login.inc index 1277960dd5..ecf0a91096 100644 --- a/APPL/AUT/Login.inc +++ b/APPL/AUT/Login.inc @@ -615,7 +615,7 @@ function getIdentity(username, wachtwoord, params) if (founddata.count == S("prs_login_attempts") + 1 // Alleen eerste keer loggen || Application("otap_environment") == "O") // Maar altijd op OTAP { - shared.trackaction("AUTFAI", -1, L("lcl_autfai_toomany").format(founddata.count, S("prs_login_attempts"), username)); + shared.auditfail(L("lcl_autfai_toomany").format(founddata.count, S("prs_login_attempts"), username)); } result.fail_reason = L("lcl_prs_login_lockout").format(username, toISODateTimeString(dtRetry)); return result; @@ -926,7 +926,7 @@ function SecureSSO(ssoProps) else { // Automatisch naar het inlogscherm // Geen lcl nodig, deze SSO-variant vervalt (hopelijk) met 2018.1 - shared.trackaction("AUTFAI", -1, "Secure SSO login niet gevonden binnen Facilitor: " + strDecryptedCode); + shared.auditfail("Secure SSO login niet gevonden binnen Facilitor: " + strDecryptedCode); Response.Redirect(rooturl + "/default.asp"); } } @@ -1423,7 +1423,7 @@ function process_claim(claim, idp_data, params) } if (user_key < 0) { - shared.trackaction("AUTFAI", -1, L("lcl_autfai_loginnotfound").format(idpm.name.name, idpm.from, claim[idpm.from])); + shared.auditfail(L("lcl_autfai_loginnotfound").format(idpm.name.name, idpm.from, claim[idpm.from])); } else break; // ingelogd, niet verder zoeken diff --git a/APPL/AUT/login_save.asp b/APPL/AUT/login_save.asp index dda8936d78..8d047c0772 100644 --- a/APPL/AUT/login_save.asp +++ b/APPL/AUT/login_save.asp @@ -56,7 +56,7 @@ else else { result.message = ident.fail_reason; - shared.trackaction("AUTFAI", -1, L("lcl_autfai_loginfailed").format(nm, result.message)); + shared.auditfail(L("lcl_autfai_loginfailed").format(nm, result.message)); } } Response.Write(JSON.stringify(result)); 
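Review bot: In the `getIdentity` hunk of Login.inc the audit text carries `username` exactly as the client submitted it, and the same holds for `nm` in login_save.asp and `emailOrLogin` in pass2mail_save.asp. A password typed into the login field by mistake ends up in failed-login records in clear text, so `fac_auditfail` should be treated as sensitive, with restricted read access and limited retention. I would add a comment at the call, `// username is unvalidated client input and may contain a mistyped password; fac_auditfail must not be broadly readable`. The body of getIdentity starts and ends outside the hunk, so whether the name is normalised earlier is not visible here.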
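Review bot: In the `SecureSSO` hunk of Login.inc the failure message appends `strDecryptedCode` verbatim, so the decrypted content of the SSO code is persisted in `fac_auditfail` on every miss. What that value holds is not visible in the hunk. If it is more than a login name (a timestamp, a shared secret, anything replayable), the audit table becomes a second store of SSO material that needs the same protection as the SSO key. Logging only the part needed to identify the account, or a fixed-length prefix, would keep the record useful without storing the whole decoded value. The function body continues outside the hunk.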
diff --git a/APPL/AUT/pass2mail_save.asp b/APPL/AUT/pass2mail_save.asp index 94c46c13b3..719709e14d 100644 --- a/APPL/AUT/pass2mail_save.asp +++ b/APPL/AUT/pass2mail_save.asp @@ -46,7 +46,7 @@ if (oRs.eof) // SILENCE! (e-mail harvesting) Response.Write(L("lcl_pass2emailunknown")); // Gewoon altijd dezelfde tekst result.warning = L("lcl_pass2emailsent") + emailOrLogin; - shared.trackaction("AUTFAI", -1, L("lcl_autfai_forgotten").format(emailOrLogin)); // niet gevonden of had geen wachtwoord + shared.auditfail(L("lcl_autfai_forgotten").format(emailOrLogin)); // niet gevonden of had geen wachtwoord } else if ((oRs("prs_perslid_flags").Value & 2) == 2) result.warning = L("lcl_self_register_unconfirmed"); diff --git a/APPL/Shared/Common.inc b/APPL/Shared/Common.inc index 69a573a8c2..54cb2da703 100644 --- a/APPL/Shared/Common.inc +++ b/APPL/Shared/Common.inc @@ -272,7 +272,7 @@ if (S("sys_ip_lockmode") > 0) if (Session("last_ip") && Session("last_ip") != ip && !IP.inSubnet(Session("last_ip"), ip + "/16")) { var agent = String(Request.ServerVariables("HTTP_USER_AGENT")); - shared.trackaction("AUTFAI", -1, L("lcl_autfai_ipchange").format(Session("last_ip"), ip, agent), "#0ff"); + shared.auditfail(L("lcl_autfai_ipchange").format(Session("last_ip"), ip, agent), "#0ff"); // Simuleer logoff Session.Contents.Remove("last_ip"); Session("user_key")=user_key=-1; // geen remove hier, anders grijpt SSO direct weer in diff --git a/APPL/Shared/Shared.inc b/APPL/Shared/Shared.inc index 5534b158c9..9259410a1b 100644 --- a/APPL/Shared/Shared.inc +++ b/APPL/Shared/Shared.inc @@ -20,6 +20,13 @@ var shared = { putorders.sendnotifications(pkey, paction); }, + auditfail: + function (poms) + { + var sql = "INSERT INTO fac_auditfail (fac_auditfail_tekst) VALUES (" + safe.quoted_sql(poms, 2000) + ")"; + Oracle.Execute(sql); + }, + // Keep track of GUI actions, params.daily summarizes per day anonymously registeraction: function (pgroup, params)
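Review bot: In pass2mail_save.asp the `shared.auditfail(...)` call sits on the branch under `if (oRs.eof)`, which the `// SILENCE! (e-mail harvesting)` comment marks as the one that must stay indistinguishable from the success path. auditfail issues a synchronous `Oracle.Execute` INSERT. If that statement can raise (not visible here), an error on this branch alone would reveal that the address is unknown. I would make the call unable to alter the response, for example `try { shared.auditfail(...); } catch (e) { /* response must stay identical */ }`, and say so in the comment. The `if` block starts outside the hunk.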
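Review bot: The IP-change call in Common.inc still passes `"#0ff"` as a second argument, but `shared.auditfail` as added in Shared.inc declares only `poms`, so the value is silently discarded. Either drop it, `shared.auditfail(L("lcl_autfai_ipchange").format(Session("last_ip"), ip, agent));`, or give auditfail a parameter for it if the marker was meant to make this possible session-takeover event stand out from ordinary failed logins. Note also that `agent` comes straight from the `HTTP_USER_AGENT` header, so that part of the stored text is client-controlled. The only visible limit on it is the 2000 passed to `safe.quoted_sql`, which presumably caps the length.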
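Review bot: `auditfail` in Shared.inc has no comment and writes a single free-text column, so the event code the old call carried (`"AUTFAI"`) is gone and the difference between lockout, SSO miss, IP change and forgotten-password events now exists only inside localized `L(...)` strings. That makes the table hard to alert on. Unless `fac_auditfail` fills in a timestamp and source address by default (the schema is not visible here), those are missing from the record as well. The INSERT is built by concatenation and is only as safe as the escaping in `safe.quoted_sql`, so a bind variable would be preferable if the `Oracle` wrapper offers one. I would add a header comment such as `// Record a failed authentication attempt in fac_auditfail; poms is untrusted text built from client input`.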