Bugfix: Any LDAP or AD exceptions are not getting logged.

The AD and LDAP realms now catch and log Throwable. This changes LdapException and ActiveDirectoryException to extend ShieldException instead of SecurityException.

Fixes https://github.com/elasticsearch/elasticsearch-shield/issues/452

Original commit: elastic/x-pack-elasticsearch@aff428e5c1
c-a-m 2014-12-08 17:59:37 -07:00
parent cf0987a4a0
commit d17c0f6d83
3 changed files with 7 additions and 4 deletions


@ -5,11 +5,13 @@
*/
package org.elasticsearch.shield.authc.active_directory;
import org.elasticsearch.shield.ShieldException;
/**
* ActiveDirectoryExceptions typically wrap jndi Naming exceptions, and have an additional
* parameter of DN attached to each message.
*/
public class ActiveDirectoryException extends SecurityException {
public class ActiveDirectoryException extends ShieldException {
public ActiveDirectoryException(String msg){
super(msg);
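Review bot: Re-parenting `ActiveDirectoryException` from `java.lang.SecurityException` to `ShieldException` changes which catch clauses match it, and the same applies to `LdapException` in the next file section. Any handler elsewhere that still catches `SecurityException` to turn a directory failure into a failed authentication would now let these exceptions propagate; none is visible in this commit, so the remaining `catch (SecurityException` sites are worth a search. The class Javadoc could record the new contract, for example `* Extends ShieldException so callers handle directory failures together with other Shield errors.` The class body continues outside the hunk.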


@ -5,11 +5,13 @@
*/
package org.elasticsearch.shield.authc.ldap;
import org.elasticsearch.shield.ShieldException;
/**
* LdapExceptions typically wrap jndi Naming exceptions, and have an additional
* parameter of DN attached to each message.
*/
public class LdapException extends SecurityException {
public class LdapException extends ShieldException {
public LdapException(String msg){
super(msg);


@ -7,7 +7,6 @@ package org.elasticsearch.shield.authc.support.ldap;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.rest.RestController;
import org.elasticsearch.shield.ShieldException;
import org.elasticsearch.shield.User;
import org.elasticsearch.shield.authc.support.CachingUsernamePasswordRealm;
import org.elasticsearch.shield.authc.support.RefreshListener;
@ -44,7 +43,7 @@ public abstract class AbstractLdapRealm extends CachingUsernamePasswordRealm {
List<String> groupDNs = session.groups();
Set<String> roles = roleMapper.mapRoles(groupDNs);
return new User.Simple(token.principal(), roles.toArray(new String[roles.size()]));
} catch (ShieldException e) {
} catch (Throwable e) {
if (logger.isDebugEnabled()) {
logger.debug("Authentication Failed for user [{}]", e, token.principal());
}
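Review bot: `catch (Throwable e)` in the authentication path also traps `Error` subclasses such as `OutOfMemoryError`, and the only handling visible here is a debug-level log, so a JVM-level fault would be recorded as an ordinary failed login; `catch (Exception e)` would still cover the JNDI and runtime failures the commit message describes. The log call stays behind `logger.isDebugEnabled()`, so at default log levels an unreachable or misconfigured directory server is still invisible to operators and to anyone monitoring authentication failures. Consider keeping the stack trace at debug and adding a one-line message at a higher level, e.g. `logger.warn("Authentication failed for user [{}]: {}", token.principal(), e.getMessage());`. The enclosing method begins and ends outside the hunk, so what happens after the log call cannot be judged from here.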