You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Emmanuel Lecharny (JIRA)" <ji...@apache.org> on 2009/08/15 10:43:15 UTC
[jira] Updated: (DIRSERVER-640) bring error hints from
CustomAuthenticators extending AbstractAuthenticator back to the client.
[ https://issues.apache.org/jira/browse/DIRSERVER-640?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-640:
----------------------------------------
Fix Version/s: (was: 1.5.6)
2.0.0-RC1
Moved to 2.0.0-RC1, we won't release a 1.5.6
> bring error hints from CustomAuthenticators extending AbstractAuthenticator back to the client.
> -----------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-640
> URL: https://issues.apache.org/jira/browse/DIRSERVER-640
> Project: Directory ApacheDS
> Issue Type: Improvement
> Components: ldap
> Affects Versions: 1.0-RC3
> Environment: windows/linux
> Reporter: Ralf Hauser
> Fix For: 2.0.0-RC1
>
> Attachments: AuthenticationService.java.patch
>
>
> For the authentication, I use a CustomAuthenticator that extends AbstractAuthenticator.
> If the authentication fails I use LdapAuthenticationException or LdapNoPermissionException and I appreciate a lot to be able to provide some hint (String explanation) why the exception was thrown.
> Unfortunately, this hint never reaches the client. I only sees "error code 49 - Bind failed" - the equivalent is visible in the server log as
> <<Ldap Result
> Result code : (ResultCodeEnum[INVALIDCREDENTIALS=49]) invalidCredentials
> Matched DN : 'null'
> Error message : 'Bind failed'>>
> It appears that the culprit is org.apache.directory.server.core.authn.AuthenticationService.bind(NextInterceptor next, Name bindDn, byte[] credentials, List mechanisms, String saslAuthId) throws NamingException
> where that expception is caught, neither its class is analyzed in detail nor is there any attempt to use "explanations" when re-throwing even though an LdapAuthenticationException constructor does exist that takes a "msg" for explanations.
> Therefore my suggestion: please make sure that it is possible to provide a user more information by optionally appending an "explantion" to the 'Bind failed' a client currently sees in an ldap client.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.