[
https://issues.apache.org/jira/browse/APLO-125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hiram Chirino resolved APLO-125.
--------------------------------
Resolution: Fixed
Assignee: Hiram Chirino
I've just committed a fix which should provide the end user a better error
message.
> Client authentication error message
> -----------------------------------
>
> Key: APLO-125
> URL: https://issues.apache.org/jira/browse/APLO-125
> Project: ActiveMQ Apollo
> Issue Type: Improvement
> Components: apollo-broker
> Affects Versions: 1.0-beta6
> Reporter: David Corticchiato
> Assignee: Hiram Chirino
> Priority: Minor
> Fix For: 1.0
>
>
> The LoginModule returns a LoginException when an authentication fail. This
> exception can have different messages (the exception cause).
> The problem is : when a client is already connected, he get the same error
> message as if the login/password was wrong : "Authentication failed.
> Credentials=[user=xxx]"
> I think there is 2 possibility :
> 1) The more simple : Send the exception reason to client
> 2) The more secure (I think) : catch and send a differrent message for these
> exceptions :
> javax.security.auth.login.AccountException
> javax.security.auth.login.AccountExpiredException
> javax.security.auth.login.AccountLockedException (The one that interrests me
> in this case)
> javax.security.auth.login.AccountNotFoundException
> javax.security.auth.login.CredentialException
> javax.security.auth.login.CredentialExpiredException
> javax.security.auth.login.CredentialNotFoundException
> javax.security.auth.login.FailedLoginException
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
