LDAP - UsernamePasswordLoginModule shows the same exeption in case of login failed due to wrong password and Login failed due to wrong LDAP password configured
Hi all,
I want to discriminate two cases based on the exception responded from LDAP server
- Login failed due to wrong password
- Login failed due to wrong LDAP password configured
Unfortunately, the exception in both two cases are the same as detailed below
018-03-22 04:00:11,387 DEBUG [EJB default - 95]-[SECURITY] Validation for primary URL: javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
2018-03-22 04:00:11,396 ERROR [EJB default - 95]-[SECURITY] CustomLdapExtLoginModule login Failed due to: : javax.security.auth.login.FailedLoginException: PBOX00070: Password invalid/Password required
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:286)
at com.testing.security.usermanagement.impl.CustomLdapExtLoginModule.login(CustomLdapExtLoginModule.java:121)
at com.testing.security.usermanagement.impl.LdapAuthAuthLoginModule.login(LdapAuthAuthLoginModule.java:84)
at sun.reflect.GeneratedMethodAccessor1111.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:388)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.proceedWithJaasLogin(JaasSecurityManagerBase.java:330)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:318)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:197)
at com.testing.security.session.AxsAuthenticationInterceptor.authenticate(AxsAuthenticationInterceptor.java:132)
at com.testing.security.session.AxsAuthenticationInterceptor.invoke(AxsAuthenticationInterceptor.java:118)
at com.testinglications.common.service.RemoteServerInvocationServiceImpl.invoke(RemoteServerInvocationServiceImpl.java:94)
at sun.reflect.GeneratedMethodAccessor518.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
I did not find any relevant configuration for this, please let me know if this is well-know issue or normal behavior.
Many thanks for help!