Uploaded image for project: 'Application Server 3  4  5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-2588

LdapExtLoginModule 'hides' causal login exceptions which are then incorrectly reported as invalid Password/User

XMLWordPrintable

      I'm interrogating an Active Directory server, which times out, using the LdapExtLoginModule. The method validatePassword in the module catches all exceptions, logs them and returns a boolean value, hiding whatever was the cause of the login failure.

      The UserNamePassword handler responds with 'userid or password incorrect' which is incorrect. The cause of the login failure was a timeout, the causal exception information should be encapsulated and passed back.

      Fixing this issue would provide more accurate errors at console level.

              starksm64 Scott Stark (Inactive)
              javahollic_jira Andy Brook (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: