I'm interrogating an Active Directory server, which times out, using the LdapExtLoginModule. The method validatePassword in the module catches all exceptions, logs them and returns a boolean value, hiding whatever was the cause of the login failure.

The UserNamePassword handler responds with 'userid or password incorrect' which is incorrect. The cause of the login failure was a timeout, the causal exception information should be encapsulated and passed back.

Fixing this issue would provide more accurate errors at console level.