directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ralf Hauser (JIRA)" <j...@apache.org>
Subject [jira] Created: (DIRSERVER-640) bring error hints from CustomAuthenticators extending AbstractAuthenticator back to the client.
Date Sun, 11 Jun 2006 13:18:29 GMT
bring error hints from CustomAuthenticators extending AbstractAuthenticator back to the client.
-----------------------------------------------------------------------------------------------

         Key: DIRSERVER-640
         URL: http://issues.apache.org/jira/browse/DIRSERVER-640
     Project: Directory ApacheDS
        Type: Improvement

  Components: ldap  
    Versions: 1.0-RC3    
 Environment: windows/linux
    Reporter: Ralf Hauser


For the authentication, I use a CustomAuthenticator that extends AbstractAuthenticator.

If the authentication fails I use LdapAuthenticationException or LdapNoPermissionException
and I appreciate a lot to be able to provide some hint (String explanation) why the exception
was thrown.

Unfortunately, this hint never reaches the client. I only sees "error code 49 - Bind failed"
- the equivalent is visible in the server log as
<<Ldap Result
            Result code : (ResultCodeEnum[INVALIDCREDENTIALS=49]) invalidCredentials
            Matched DN : 'null'
            Error message : 'Bind failed'>>

It appears that the culprit is org.apache.directory.server.core.authn.AuthenticationService.bind(NextInterceptor
next, Name bindDn, byte[] credentials, List mechanisms, String saslAuthId) throws NamingException

 where that expception is caught, neither its class is analyzed in detail nor is there any
attempt to use "explanations" when re-throwing even though an LdapAuthenticationException
constructor does exist that takes a "msg" for explanations.

Therefore my suggestion: please make sure that it is possible to provide a user more information
by optionally appending an "explantion" to the 'Bind failed' a client currently sees in an
ldap client.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message