From 59fa054d420b20f05fa70f009b802f65c4c10474 Mon Sep 17 00:00:00 2001
From: Johannes Meyer <johannes.meyer@icinga.com>
Date: Thu, 11 Jul 2019 14:41:17 +0200
Subject: [PATCH] AuthChain: Send failed login-attempts to the audit log

resolves #3855
---
 library/Icinga/Authentication/AuthChain.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/library/Icinga/Authentication/AuthChain.php b/library/Icinga/Authentication/AuthChain.php
index 7e7a10924..cdae75adb 100644
--- a/library/Icinga/Authentication/AuthChain.php
+++ b/library/Icinga/Authentication/AuthChain.php
@@ -3,6 +3,7 @@
 
 namespace Icinga\Authentication;
 
+use Icinga\Application\Hook\AuditHook;
 use Iterator;
 use Icinga\Application\Config;
 use Icinga\Application\Logger;
@@ -123,13 +124,17 @@ class AuthChain implements Authenticatable, Iterator
                 return true;
             }
         }
+
         if ($backendsTried === 0) {
             $this->error = static::EEMPTY;
         } elseif ($backendsTried === $backendsWithError) {
             $this->error = static::EFAIL;
         } elseif ($backendsWithError) {
             $this->error = static::ENOTALL;
+        } else {
+            AuditHook::logActivity('login-failed', 'User failed to authenticate', null, $user->getUsername());
         }
+
         return false;
     }