Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-467

Authentication exception gets swallowed

    XMLWordPrintableJSON

    Details

      Description

      We extend from AuthorizingRealm and when we have a bug in our implementation, the exception gets swallowed by AbstractAuthenticator.

      A comment in the code mentions it needs a warn log, but no such statement is present:

      if (ae == null)

      { //Exception thrown was not an expected AuthenticationException. Therefore it is probably a little more //severe or unexpected. So, wrap in an AuthenticationException, log to warn, and propagate: String msg = "Authentication failed for token submission [" + token + "]. Possible unexpected " + "error? (Typical or expected login exceptions should extend from AuthenticationException)."; ae = new AuthenticationException(msg, t); }

        Attachments

        1. shiro-467.patch
          3 kB
          Sven Ad

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              wouterv Wouter de Vaal
            • Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: