# Add Windows Login Diagnostic Logs ## Goal Add safe server-side diagnostic logs to the login/authentication path so a Windows-built deployment that returns `用户名或密码不正确。` can be diagnosed without exposing passwords, password hashes, or database credentials. ## What I Already Know * The previous frontend rebuild task is solved and has been archived. * On the Windows system build, login now reaches the invalid-credentials path: `用户名或密码不正确。` * The user believes the database connection is probably already working. * Existing login flow is `LoginServlet` -> `AuthServiceImpl` -> `JdbcUserDao.findActiveByUsername` -> `JdbcUtil`. * `AuthServiceImpl` currently logs only generic login failure/success/service-error messages. * Existing backend specs require login failures to keep the same generic user-facing message and to log server-side details for unavailable services. ## Requirements * Add diagnostic logging around login POST handling, authentication lookup, password verification outcome, and database configuration/connection attempts. * Logs must help distinguish: * request reached `LoginServlet`; * username normalization changed the submitted username; * active user row was not found; * user row was found but password verification failed; * database configuration was loaded and which JDBC URL/user key were used, with secrets redacted; * JDBC driver/connection failures if they happen. * Do not log raw passwords, password hashes, salts, database passwords, or full sensitive config values. * Preserve the current user-facing Chinese error message and login behavior. * Keep the implementation in the existing Servlet + service + DAO + JDBC stack. * Prefer `java.util.logging` patterns already used in the project. * Document and seed explicit local/demo initial credentials so new deployments are not blocked by unrecoverable password hashes: * `admin` / `admin123` * `librarian` / `librarian123` * `reader` / `reader123` * Make clear that these demo passwords are for local scaffold verification only and must be changed or removed before non-local/production use. ## Acceptance Criteria * [x] Login failure logs identify whether the username was absent, not found, or found with password mismatch. * [x] Login request logs include safe request diagnostics such as remote address, context path, redirect presence, and submitted username length or sanitized username. * [x] Database logs confirm `db.properties` loading and JDBC connection attempts with password redacted. * [x] No log statement outputs a raw password, password hash, salt, or database password. * [x] Existing login success/failure behavior remains unchanged for users. * [x] `mvn test` or the closest available Maven verification command succeeds. * [x] README lists the local/demo initial login accounts and passwords with an explicit non-production warning. * [x] `schema.sql` seed user hashes verify against the documented demo passwords for new deployments. * [x] Existing deployments have a documented SQL reset path or warning explaining that `INSERT IGNORE` will not overwrite existing user rows. ## Definition Of Done * Diagnostic logging implemented in source. * Maven verification run and results reported. * No database schema changes. * No unrelated frontend/layout changes. ## Out Of Scope * Changing password hashing rules or seed user credentials. * Adding a new logging framework. * Changing database schema or production credentials. * Reworking the login UI. * Committing generated build artifacts. ## Technical Notes * Likely impacted files: * `src/main/java/com/mzh/library/controller/LoginServlet.java` * `src/main/java/com/mzh/library/service/impl/AuthServiceImpl.java` * `src/main/java/com/mzh/library/dao/impl/JdbcUserDao.java` * `src/main/java/com/mzh/library/util/JdbcUtil.java` * Relevant specs: * `.trellis/spec/backend/logging-guidelines.md` * `.trellis/spec/backend/database-guidelines.md` * `.trellis/spec/backend/quality-guidelines.md` * Verification completed at 2026-04-28 18:22 +0800: * `/home/sjy/.sdkman/candidates/maven/current/bin/mvn test` passed with `BUILD SUCCESS`. * `/home/sjy/.sdkman/candidates/maven/current/bin/mvn package` passed with `BUILD SUCCESS` and produced `target/library-management.war`. * `git diff --check` passed. * Sensitive logger scan only found boolean password state fields, `password=`, and `password-mismatch` category labels. * Verification completed at 2026-04-28 18:33 +0800: * `PasswordHasher.verify` returned `true` for `admin/admin123`, `librarian/librarian123`, and `reader/reader123` against the updated `schema.sql` PBKDF2 hashes. * `/home/sjy/.sdkman/candidates/maven/current/bin/mvn verify` passed with `BUILD SUCCESS`. * `git diff --check` passed.