FailedLoginException stack trace appears in log despite catching throwable when user enters incorrect password? How to prevent this?
I'm wondering why when I put request.login() inside a try-catch block a stack trace appears in the log.
| try | |
| { // Throws ServletException if incorrect password. | |
| request.login(user.getEmail(), password); | |
| } | |
| catch(Throwable throwable) | |
| { | |
| logger.warn("User ''{0}'' attempt to login failed due to: " + throwable.getMessage()); | |
| } |
Here's the log entry that is generated when request.login fails due to incorrect password:
13:22:20,915 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8443-7) Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:270) [picketbox-4.0.7.Final.jar:4.0.7.Final]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_03]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_03]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_03]
at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_03]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784) [rt.jar:1.7.0_03]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_03]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) [rt.jar:1.7.0_03]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) [rt.jar:1.7.0_03]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_03]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695) [rt.jar:1.7.0_03]
at javax.security.auth.login.LoginContext.login(LoginContext.java:594) [rt.jar:1.7.0_03]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
at org.apache.catalina.authenticator.AuthenticatorBase.login(AuthenticatorBase.java:324) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.connector.Request.login(Request.java:3252) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1082) [jbossweb-7.0.13.Final.jar:]
at com.patrac.controller.authenticate.LoginChecker.servletRequestLogin(LoginChecker.java:195) [classes:]
.......
13:22:20,987 WARNING [com.patrac.controller.authenticate.LoginController] (http--127.0.0.1-8443-7) User 'patrick.garner@patrac.com' attempt to login failed due to: Failed to authenticate a principal
The exception is being caught and logged. How to prevent the stack trace from appearing in the log???
