On an auth failure the uid and the IP address should be logged to the standard log...

  This update works for a standard setup, when using a proxy for the server one can probably use the X-forwarded-for header
  instead of the remote address.

diff --git a/lib/base.php b/lib/base.php
index ea5adbadc9d9f7b04e1d7575d0f6d0b8a0ab3a3e..052444271c30b84b92d6ef0d3f0e96fee6d8495c 100644 (file)
--- a/lib/base.php
+++ b/lib/base.php
@@ -730,6 +730,8 @@ class OC {
                        // Someone wants to log in :
                } elseif (OC::tryFormLogin()) {
                        $error[] = 'invalidpassword';
+                       OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:'.$_SERVER['REMOTE_ADDR'],
+                       OC_Log::ERROR);
                }
 
                OC_Util::displayLoginPage(array_unique($error));