karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Freeman Fang (JIRA)" <j...@apache.org>
Subject [jira] [Work started] (KARAF-3860) fix [KARAF-3373] Log lower level root cause exception in LDAPLoginModule.doLogin()
Date Tue, 21 Jul 2015 07:18:04 GMT

     [ https://issues.apache.org/jira/browse/KARAF-3860?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Work on KARAF-3860 started by Freeman Fang.
-------------------------------------------
> fix [KARAF-3373] Log lower level root cause exception in LDAPLoginModule.doLogin()
> ----------------------------------------------------------------------------------
>
>                 Key: KARAF-3860
>                 URL: https://issues.apache.org/jira/browse/KARAF-3860
>             Project: Karaf
>          Issue Type: Improvement
>          Components: karaf-security
>    Affects Versions: 2.4.2, 4.0.0
>            Reporter: Josef Ludvíček
>            Assignee: Freeman Fang
>              Labels: jaas
>         Attachments: KARAF-3860-improve-logging.patch
>
>
> There was several lines of code introduced by KARAF-3373, 
> {code:java}
>         } catch (CommunicationException ce) {
>             // explicitly catch CommunicationException as it my wrap a lower level root
cause.
>             String rootCause = null;
>             if (ce.getRootCause() != null)
>                 rootCause = ce.getRootCause().getMessage();
>             logger.warn("Can't connect to the LDAP server: {}", ce.getMessage(), rootCause);
>             throw new LoginException("Can't connect to the LDAP server: " + ce.getMessage());
>         } catch (Exception e) {
>             logger.warn("Can't connect to the LDAP server: {}", e.getMessage(), e);
>             throw new LoginException("Can't connect to the LDAP server: " + e.getMessage());
>         }
> {code}
> but in case of empty trust store, logs contained only anonymous bind failed:
> {code}
> 2015-07-17 10:40:13,786 | WARN  | qtp1137020936-97 | HttpChannel                    
 | 84 - org.eclipse.jetty.util - 9.2.10.v20150310 | Could not send response error 500: java.lang.IllegalStateException:
Committed                                                                                
                                                                                     
> 2015-07-17 10:40:17,478 | WARN  | qtp1137020936-98 | LDAPLoginModule                
 | 35 - org.apache.karaf.jaas.modules - 4.0.1.SNAPSHOT | Can't connect to the LDAP server:
anonymous bind failed: some.ldap.host:636                                                
                                                                                         
                   
> 2015-07-17 10:40:17,479 | ERROR | qtp1137020936-98 | JaasSecurityProvider           
 | 109 - org.apache.karaf.webconsole.console - 4.0.1.SNAPSHOT | General Security Exception
> javax.security.auth.login.LoginException: Can't connect to the LDAP server: anonymous
bind failed: some.ldap.host.com:636 
> {code}
> Please consider attached patch, as it logs all exceptions along with stacktrace.
> {code}
> 2015-07-17 10:53:44,270 | WARN  | qtp149032581-115 | LDAPLoginModule                
 | 35 - org.apache.karaf.jaas.modules - 4.0.1.SNAPSHOT | Can't connect to the LDAP server:
anonymous bind failed: some.ldap.host.com:636                                            
                                                                                         
                    
> javax.naming.CommunicationException: anonymous bind failed: some.ldap.host.com:636  [Root
exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException:
the trustAnchors parameter must be non-empty]                                            
                                                               
> ...
> ...
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message