You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@activemq.apache.org by ch...@apache.org on 2011/12/15 14:53:51 UTC

svn commit: r1214759 - /activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/CertificateLoginModule.scala

Author: chirino
Date: Thu Dec 15 13:53:50 2011
New Revision: 1214759

URL: http://svn.apache.org/viewvc?rev=1214759&view=rev
Log:
Fixes APLO-110 : Provide more information in case of authentication failure

Modified:
    activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/CertificateLoginModule.scala

Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/CertificateLoginModule.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/CertificateLoginModule.scala?rev=1214759&r1=1214758&r2=1214759&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/CertificateLoginModule.scala (original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/CertificateLoginModule.scala Thu Dec 15 13:53:50 2011
@@ -131,7 +131,8 @@ class CertificateLoginModule extends Log
       case Some(file)=>
 
         val users = file_cache.get(file) match {
-          case None => throw new LoginException("Invalid login module configuration")
+          case None =>
+            throw new LoginException("Invalid login module configuration")
           case Some(x) => x
         }
 
@@ -149,12 +150,11 @@ class CertificateLoginModule extends Log
             debug("Distinguished name: '%s' not found in dn file", dn)
           }
         }
-
-        if (principals.isEmpty) {
-          throw new FailedLoginException("Does not have a listed distinguished name")
-        }
     }
 
+    if (principals.isEmpty) {
+      throw new FailedLoginException("Unknown distinguished names: ["+certificates.map(_.getSubjectX500Principal.getName).mkString(";")+"]")
+    }
     return true
   }