You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by jo...@apache.org on 2015/12/19 04:09:33 UTC
nifi git commit: NIFI-1294: - Updating exception handling to account
for a possible issue in an dependency.
Repository: nifi
Updated Branches:
refs/heads/master 0a58ab47b -> 05395eeca
NIFI-1294: - Updating exception handling to account for a possible issue in an dependency.
Signed-off-by: joewitt <jo...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/nifi/repo
Commit: http://git-wip-us.apache.org/repos/asf/nifi/commit/05395eec
Tree: http://git-wip-us.apache.org/repos/asf/nifi/tree/05395eec
Diff: http://git-wip-us.apache.org/repos/asf/nifi/diff/05395eec
Branch: refs/heads/master
Commit: 05395eeca597aefc1b96e0353e46b668f9056bbc
Parents: 0a58ab4
Author: Matt Gilman <ma...@gmail.com>
Authored: Fri Dec 18 18:46:21 2015 -0500
Committer: joewitt <jo...@apache.org>
Committed: Fri Dec 18 21:33:07 2015 -0500
----------------------------------------------------------------------
.../java/org/apache/nifi/ldap/LdapProvider.java | 41 ++++++++++++--------
1 file changed, 25 insertions(+), 16 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/nifi/blob/05395eec/nifi-nar-bundles/nifi-ldap-iaa-providers-bundle/nifi-ldap-iaa-providers/src/main/java/org/apache/nifi/ldap/LdapProvider.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-ldap-iaa-providers-bundle/nifi-ldap-iaa-providers/src/main/java/org/apache/nifi/ldap/LdapProvider.java b/nifi-nar-bundles/nifi-ldap-iaa-providers-bundle/nifi-ldap-iaa-providers/src/main/java/org/apache/nifi/ldap/LdapProvider.java
index b604be4..ce626d1 100644
--- a/nifi-nar-bundles/nifi-ldap-iaa-providers-bundle/nifi-ldap-iaa-providers/src/main/java/org/apache/nifi/ldap/LdapProvider.java
+++ b/nifi-nar-bundles/nifi-ldap-iaa-providers-bundle/nifi-ldap-iaa-providers/src/main/java/org/apache/nifi/ldap/LdapProvider.java
@@ -16,16 +16,6 @@
*/
package org.apache.nifi.ldap;
-import java.io.IOException;
-import java.security.KeyManagementException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.concurrent.TimeUnit;
-import javax.net.ssl.SSLContext;
import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.authentication.AuthenticationResponse;
import org.apache.nifi.authentication.LoginCredentials;
@@ -41,15 +31,15 @@ import org.apache.nifi.security.util.SslContextFactory.ClientAuth;
import org.apache.nifi.util.FormatUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.springframework.ldap.CommunicationException;
+import org.springframework.ldap.AuthenticationException;
import org.springframework.ldap.core.support.AbstractTlsDirContextAuthenticationStrategy;
import org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.ldap.core.support.SimpleDirContextAuthenticationStrategy;
-import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider;
import org.springframework.security.ldap.authentication.BindAuthenticator;
import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
@@ -57,6 +47,17 @@ import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
import org.springframework.security.ldap.search.LdapUserSearch;
import org.springframework.security.ldap.userdetails.LdapUserDetails;
+import javax.net.ssl.SSLContext;
+import java.io.IOException;
+import java.security.KeyManagementException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
+
/**
* Abstract LDAP based implementation of a login identity provider.
*/
@@ -266,14 +267,22 @@ public class LdapProvider implements LoginIdentityProvider {
} else {
return new AuthenticationResponse(authentication.getName(), credentials.getUsername(), expiration, issuer);
}
- } catch (final CommunicationException | AuthenticationServiceException e) {
+ } catch (final BadCredentialsException | UsernameNotFoundException | AuthenticationException e) {
+ throw new InvalidLoginCredentialsException(e.getMessage(), e);
+ } catch (final Exception e) {
+ // there appears to be a bug that generates a InternalAuthenticationServiceException wrapped around an AuthenticationException. this
+ // shouldn't be the case as they the service exception suggestions that something was wrong with the service. while the authentication
+ // exception suggests that username and/or credentials were incorrect. checking the cause seems to address this scenario.
+ final Throwable cause = e.getCause();
+ if (cause instanceof AuthenticationException) {
+ throw new InvalidLoginCredentialsException(e.getMessage(), e);
+ }
+
logger.error(e.getMessage());
if (logger.isDebugEnabled()) {
logger.debug(StringUtils.EMPTY, e);
}
- throw new IdentityAccessException("Unable to query the configured directory server. See the logs for additional details.", e);
- } catch (final BadCredentialsException bce) {
- throw new InvalidLoginCredentialsException(bce.getMessage(), bce);
+ throw new IdentityAccessException("Unable to validate the supplied credentials. Please contact the system administrator.", e);
}
}