[SHIRO-467] Authentication exception gets swallowed - ASF JIRA

Voters

Watch issue

Watchers

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.2.1
Fix Version/s: 1.2.5
Component/s: Authentication (log-in)
Labels:
- patch
- patch-with-test

Description

We extend from AuthorizingRealm and when we have a bug in our implementation, the exception gets swallowed by AbstractAuthenticator.

A comment in the code mentions it needs a warn log, but no such statement is present:

if (ae == null)

{ //Exception thrown was not an expected AuthenticationException. Therefore it is probably a little more //severe or unexpected. So, wrap in an AuthenticationException, log to warn, and propagate: String msg = "Authentication failed for token submission [" + token + "]. Possible unexpected " + "error? (Typical or expected login exceptions should extend from AuthenticationException)."; ae = new AuthenticationException(msg, t); }

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Manage Attachments

shiro-467.patch
13/Nov/13 21:03
3 kB
Sven Ad

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Unassigned

Reporter:: Wouter de Vaal

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 23/Oct/13 07:07

Updated:: 08/Nov/16 16:44

Resolved:: 12/May/16 01:08

Agile

View on Board

Authentication exception gets swallowed

Details

Description

Attachments

Attachments

Activity

People

Dates

Agile

Slack

Issue deployment