[
https://issues.apache.org/jira/browse/NIFIREG-131?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16345382#comment-16345382
]
ASF GitHub Bot commented on NIFIREG-131:
----------------------------------------
Github user kevdoran commented on the issue:
https://github.com/apache/nifi-registry/pull/96
This change results in the following responses when testing a composite
file+ldap authorizer and accessing and endpoint that requires authentication:
---
_No credentials:_
```
HTTP/1.1 401 Unauthorized
...
An Authentication object was not found in the SecurityContext. Contact the
system administrator.
```
_Bad credentials:_
```
HTTP/1.1 401 Unauthorized
...
Unable to validate the access token. Contact the system administrator.
```
_Untrusted Proxy:_
```
HTTP/1.1 403 Forbidden
...
Untrusted proxy [CN=user1, OU=nifi]. Contact the system administrator.
```
---
Logging for the root cause exception has also been added to the
AuthenticationEntryPoint bean.
> Add logging authentication failure cases
> ----------------------------------------
>
> Key: NIFIREG-131
> URL: https://issues.apache.org/jira/browse/NIFIREG-131
> Project: NiFi Registry
> Issue Type: Improvement
> Affects Versions: 0.1.0
> Reporter: Kevin Doran
> Assignee: Kevin Doran
> Priority: Minor
> Fix For: 0.2.0
>
>
> The handling for unauthenticated requests made to a secured Registry instance
> swallows authentication exceptions with a vague error message:
> "AuthenticationEntryPoint invoked as no user identity credentials were found
> in the request." and an HTTP 401 response is returned with no body to aide in
> client troubleshooting.
> We should add more useful troubleshooting information (including the root
> cause) to the logs and some guidance information for the client to the
> response body.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
