-
Bug
-
Resolution: Done
-
Minor
-
JBossAS-4.0.3 SP1
-
None
I'm interrogating an Active Directory server, which times out, using the LdapExtLoginModule. The method validatePassword in the module catches all exceptions, logs them and returns a boolean value, hiding whatever was the cause of the login failure.
The UserNamePassword handler responds with 'userid or password incorrect' which is incorrect. The cause of the login failure was a timeout, the causal exception information should be encapsulated and passed back.
Fixing this issue would provide more accurate errors at console level.
- relates to
-
SECURITY-370 validateError flag in UsernamePasswordLoginModule
- Closed