-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 1.2.1
-
Fix Version/s: 1.2.5
-
Component/s: Authentication (log-in)
-
Labels:
We extend from AuthorizingRealm and when we have a bug in our implementation, the exception gets swallowed by AbstractAuthenticator.
A comment in the code mentions it needs a warn log, but no such statement is present:
if (ae == null)
{ //Exception thrown was not an expected AuthenticationException. Therefore it is probably a little more //severe or unexpected. So, wrap in an AuthenticationException, log to warn, and propagate: String msg = "Authentication failed for token submission [" + token + "]. Possible unexpected " + "error? (Typical or expected login exceptions should extend from AuthenticationException)."; ae = new AuthenticationException(msg, t); }