Josef Ludvíček created KARAF-3860:
-------------------------------------

             Summary: fix [KARAF-3373] Log lower level root cause exception in LDAPLoginModule.doLogin()
                 Key: KARAF-3860
                 URL: https://issues.apache.org/jira/browse/KARAF-3860
             Project: Karaf
          Issue Type: Improvement
          Components: karaf-security
    Affects Versions: 4.0.0, 2.4.2
            Reporter: Josef Ludvíček


There were several lines of code introduced by KARAF-3373,
{code:java}
        } catch (CommunicationException ce) {
            // explicitly catch CommunicationException as it may wrap a lower level root cause.
            String rootCause = null;
            if (ce.getRootCause() != null)
                rootCause = ce.getRootCause().getMessage();
            logger.warn("Can't connect to the LDAP server: {}", ce.getMessage(), rootCause);
            throw new LoginException("Can't connect to the LDAP server: " + ce.getMessage());
        } catch (Exception e) {
            logger.warn("Can't connect to the LDAP server: {}", e.getMessage(), e);
            throw new LoginException("Can't connect to the LDAP server: " + e.getMessage());
        }
{code}

but in the case of an empty trust store, the logs contained only anonymous bind failed:
{code}
2015-07-17 10:40:13,786 | WARN  | qtp1137020936-97 | HttpChannel                      | 84 - org.eclipse.jetty.util - 9.2.10.v20150310 | Could not send response error 500: java.lang.IllegalStateException: Committed
2015-07-17 10:40:17,478 | WARN  | qtp1137020936-98 | LDAPLoginModule                  | 35 - org.apache.karaf.jaas.modules - 4.0.1.SNAPSHOT | Can't connect to the LDAP server: anonymous bind failed: some.ldap.host:636
2015-07-17 10:40:17,479 | ERROR | qtp1137020936-98 | JaasSecurityProvider             | 109 - org.apache.karaf.webconsole.console - 4.0.1.SNAPSHOT | General Security Exception
javax.security.auth.login.LoginException: Can't connect to the LDAP server: anonymous bind failed: some.ldap.host.com:636
{code}

Please consider the attached patch, as it logs all exceptions along with the stack trace.

{code}
2015-07-17 10:53:44,270 | WARN  | qtp149032581-115 | LDAPLoginModule                  | 35 - org.apache.karaf.jaas.modules - 4.0.1.SNAPSHOT | Can't connect to the LDAP server: anonymous bind failed: some.ldap.host.com:636
javax.naming.CommunicationException: anonymous bind failed: some.ldap.host.com:636  [Root exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty]
...
...
{code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
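
The difference between the two log excerpts in the message above, as an added example that is not part of the original report or of Karaf's code: it rebuilds the empty-trust-store exception chain and logs it once by message only and once with the exception attached. It uses java.util.logging instead of Karaf's logger to stay self-contained; the class name, the `causeChain` and `emptyTrustStoreFailure` helpers, and the host name are hypothetical.

```java
import java.security.InvalidAlgorithmParameterException;
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.CommunicationException;
import javax.net.ssl.SSLException;

public class RootCauseLogging {
    private static final Logger LOG = Logger.getLogger("LDAPLoginModule");

    // Flatten the cause chain into one line so the lowest-level failure is
    // visible even where stack traces are filtered out of the log.
    static String causeChain(Throwable t) {
        List<String> parts = new ArrayList<>();
        // Bound the walk in case a cause chain loops back on itself.
        for (int depth = 0; t != null && depth < 16; depth++, t = t.getCause()) {
            parts.add(t.getClass().getName() + ": " + t.getMessage());
        }
        return String.join(" <- ", parts);
    }

    // Constructed exception mirroring the empty-trust-store failure in the log above.
    static CommunicationException emptyTrustStoreFailure() {
        Throwable anchors = new InvalidAlgorithmParameterException(
                "the trustAnchors parameter must be non-empty");
        Throwable ssl = new SSLException(
                new RuntimeException("Unexpected error: " + anchors, anchors));
        CommunicationException ce = new CommunicationException(
                "anonymous bind failed: ldap.example.invalid:636"); // placeholder host
        ce.setRootCause(ssl); // NamingException.getCause() returns this root cause
        return ce;
    }

    public static void main(String[] args) {
        try {
            throw emptyTrustStoreFailure();
        } catch (CommunicationException ce) {
            // Message-only logging: the trust store problem is invisible.
            LOG.warning("Can't connect to the LDAP server: " + ce.getMessage());
            // Passing the exception itself keeps the root cause and stack trace.
            LOG.log(Level.WARNING,
                    "Can't connect to the LDAP server: " + causeChain(ce), ce);
        }
    }
}
```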