LdapExtended Authentication on ldaps without SSLHandshakeException
cweiler Nov 16, 2015 11:59 AMHi,
I've setup a security-domain with authentication been done by LdapExtende login-module.
First of all: configuration WORKS! dot.
My problem is that we use ldaps protocol, and I can never receive SSLHandshakeException when the certificate is missing, or invalid. I setup log to DEBUG on "org.jboss.security" and the error message that I get on log files is:
DEBUG [org.jboss.security] (default task-19) PBOX00206: Login failure: javax.security.auth.login.FailedLoginException: PBOX00070: Password invalid/Password required at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:286) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:497) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:587) at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:406) at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345) at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:333) at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146) at org.wildfly.extension.undertow.security.JAASIdentityManagerImpl.verifyCredential(JAASIdentityManagerImpl.java:111) at org.wildfly.extension.undertow.security.JAASIdentityManagerImpl.verify(JAASIdentityManagerImpl.java:82) at io.undertow.security.impl.SecurityContextImpl.login(SecurityContextImpl.java:236) at io.undertow.servlet.spec.HttpServletRequestImpl.login(HttpServletRequestImpl.java:433)
Password is not invalid!!!!! If certificate is correctly configured authentication works, but when certificate is missconfigured I should receive correct error message, something closer to SSLHandshakeException.
Any clues on how to get better error message?
---
WildFly 9.0.2
Windows 7 64
Java SE 8 64
---
Thanks!