Index: src/main/java/org/apache/karaf/webconsole/JaasSecurityProvider.java
===================================================================
--- src/main/java/org/apache/karaf/webconsole/JaasSecurityProvider.java (revision 963620)
+++ src/main/java/org/apache/karaf/webconsole/JaasSecurityProvider.java (working copy)
@@ -17,18 +17,26 @@
package org.apache.karaf.webconsole;
import java.io.IOException;
+import java.security.GeneralSecurityException;
+
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.AccountException;
+import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginContext;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.apache.felix.webconsole.WebConsoleSecurityProvider;
public class JaasSecurityProvider implements WebConsoleSecurityProvider {
+ private static final Log LOG = LogFactory.getLog(WebConsoleSecurityProvider.class);
+
private String realm;
public String getRealm() {
@@ -57,9 +65,16 @@
});
loginContext.login();
return subject;
- } catch (Exception e) {
+ } catch (FailedLoginException e) {
+ LOG.debug("Login failed", e);
return null;
- }
+ } catch (AccountException e) {
+ LOG.warn("Account failure", e);
+ return null;
+ } catch (GeneralSecurityException e) {
+ LOG.error("General Security Exception", e);
+ return null;
+ }
}
public boolean authorize(Object o, String s) {
Index: pom.xml
===================================================================
--- pom.xml (revision 963620)
+++ pom.xml (working copy)
@@ -47,6 +47,11 @@
org.apache.felix.webconsole
provided
+
+ commons-logging
+ commons-logging
+ provided
+