logs

sureshanaparti · sureshanaparti · commit ffebb3ea0466 · 2026-02-13T14:45:31.000+05:30
diff --git a/server/src/main/java/com/cloud/api/ApiServlet.java b/server/src/main/java/com/cloud/api/ApiServlet.java
@@ -34,6 +34,7 @@
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
+import com.cloud.api.auth.DefaultForgotPasswordAPIAuthenticatorCmd;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.ApiErrorCode;
 import org.apache.cloudstack.api.ApiServerService;
@@ -225,7 +226,6 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
             }
 
             if (command != null && !command.equals(ValidateUserTwoFactorAuthenticationCodeCmd.APINAME)) {
-
                 APIAuthenticator apiAuthenticator = authManager.getAPIAuthenticator(command);
                 if (apiAuthenticator != null) {
                     auditTrailSb.append("command=");
@@ -261,7 +261,9 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
                     } catch (ServerApiException e) {
                         httpResponseCode = e.getErrorCode().getHttpCode();
                         responseString = e.getMessage();
-                        LOGGER.debug("Authentication failure: " + e.getMessage());
+                        if (!DefaultForgotPasswordAPIAuthenticatorCmd.APINAME.equalsIgnoreCase(command) || StringUtils.isNotBlank(username)) {
+                            LOGGER.debug("Authentication failure: {}", e.getMessage());
+                        }
                     }
 
                     if (apiAuthenticator.getAPIType() == APIAuthenticationType.LOGOUT_API) {
@@ -329,7 +331,7 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
                     }
                 }
 
-                if (! requestChecksoutAsSane(resp, auditTrailSb, responseType, params, session, command, userId, account, accountObj))
+                if (!requestChecksoutAsSane(resp, auditTrailSb, responseType, params, session, command, userId, account, accountObj))
                     return;
             } else {
                 CallContext.register(accountMgr.getSystemUser(), accountMgr.getSystemAccount());
@@ -359,7 +361,6 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
                         apiServer.getSerializedApiError(HttpServletResponse.SC_UNAUTHORIZED, "unable to verify user credentials and/or request signature", params,
                                 responseType);
                 HttpUtils.writeHttpResponse(resp, serializedResponse, HttpServletResponse.SC_UNAUTHORIZED, responseType, ApiServer.JSONcontentType.value());
-
             }
         } catch (final ServerApiException se) {
             final String serializedResponseText = apiServer.getSerializedApiError(se, params, responseType);
diff --git a/server/src/main/java/com/cloud/api/auth/DefaultForgotPasswordAPIAuthenticatorCmd.java b/server/src/main/java/com/cloud/api/auth/DefaultForgotPasswordAPIAuthenticatorCmd.java
@@ -44,13 +44,13 @@
 import java.util.List;
 import java.util.Map;
 
-@APICommand(name = "forgotPassword",
+@APICommand(name = DefaultForgotPasswordAPIAuthenticatorCmd.APINAME,
         description = "Sends an email to the user with a token to reset the password using resetPassword command.",
         since = "4.20.0.0",
         requestHasSensitiveInfo = true,
         responseObject = SuccessResponse.class)
 public class DefaultForgotPasswordAPIAuthenticatorCmd extends BaseCmd implements APIAuthenticator {
-
+    public static final String APINAME = "forgotPassword";
 
     /////////////////////////////////////////////////////
     //////////////// API parameters /////////////////////
@@ -108,10 +108,12 @@ public String authenticate(String command, Map<String, Object[]> params, HttpSes
                 if (userDomain != null) {
                     domainId = userDomain.getId();
                 } else {
+                    logger.debug("Unable to find the domain from the path {}", domain);
                     throw new ServerApiException(ApiErrorCode.PARAM_ERROR, String.format("Unable to find the domain from the path %s", domain));
                 }
                 final UserAccount userAccount = _accountService.getActiveUserAccount(username[0], domainId);
                 if (userAccount != null && List.of(User.Source.SAML2, User.Source.OAUTH2, User.Source.LDAP).contains(userAccount.getSource())) {
+                    logger.debug("Forgot Password is not allowed for the user {} from source {}", username[0], userAccount.getSource());
                     throw new ServerApiException(ApiErrorCode.PARAM_ERROR, "Forgot Password is not allowed for this user");
                 }
                 boolean success = _apiServer.forgotPassword(userAccount, userDomain);
