Yair Zaslavsky has uploaded a new change for review. Change subject: aaa: exceptions should be propagated in builtin ldap provider ......................................................................
aaa: exceptions should be propagated in builtin ldap provider All exceptions which are caught during the privileged action execution should be propagated and not swollowed. In addition, NegativeArraySizeException is handled as a severe exception, meaning there will be no attempt to try the next server if is caught Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1165721 Change-Id: Iafa1dcf67545e81a14981bb3c33e52a570684d72 Topic: AAA Signed-off-by: Yair Zaslavsky <[email protected]> --- M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LDAPTemplateWrapper.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapSearchExceptionHandler.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/utils/kerberos/AuthenticationResult.java 3 files changed, 7 insertions(+), 3 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/46/35346/1 diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LDAPTemplateWrapper.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LDAPTemplateWrapper.java index 7443de9..bb5d5f5 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LDAPTemplateWrapper.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LDAPTemplateWrapper.java @@ -150,10 +150,11 @@ /** * @param ex */ - private Throwable handleException(Exception e) { + private void handleException(Exception e) { if (e instanceof RuntimeException) { throw (RuntimeException) e; + } else { + throw new RuntimeException(e); } - return e; } } diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapSearchExceptionHandler.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapSearchExceptionHandler.java index 35ab353..0dc0876 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapSearchExceptionHandler.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapSearchExceptionHandler.java @@ -24,6 +24,8 @@ handleEngineDirectoryServiceException(response, e); } else if (e instanceof AuthenticationException) { handleAuthenticationException(response); + } else if (e instanceof NegativeArraySizeException) { + handleAuthenticationException(response); } else if (e instanceof CommunicationException) { handleCommunicationException(response, e); } else if (e instanceof InterruptedException) { diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/utils/kerberos/AuthenticationResult.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/utils/kerberos/AuthenticationResult.java index f736020..d822e31 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/utils/kerberos/AuthenticationResult.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/utils/kerberos/AuthenticationResult.java @@ -67,7 +67,8 @@ INTERNAL_KERBEROS_ERROR( "An internal error has ocurred in the Kerberos implementation of the Java virtual machine. This usually" + " means that the LDAP server is configured with a minimum security strength factor (minssf)" - + " of 0. Change it to 1 and try again.", + + " of 0. Change it to 1 and try again. You can also try to change the SASL quality of protection to \"auth\" which will lower the protection level. " + + " To change the SASL quality of protection to \"auth\" use engine-config -s SASL_QOP=auth and restart engine.", 25); private String detailedMessage; -- To view, visit http://gerrit.ovirt.org/35346 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Iafa1dcf67545e81a14981bb3c33e52a570684d72 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: ovirt-engine-3.5 Gerrit-Owner: Yair Zaslavsky <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
