Wouter de Vaal created SHIRO-467:
------------------------------------
Summary: Authentication exception gets swallowed
Key: SHIRO-467
URL: https://issues.apache.org/jira/browse/SHIRO-467
Project: Shiro
Issue Type: Bug
Components: Authentication (log-in)
Affects Versions: 1.2.1
Reporter: Wouter de Vaal
We extend from AuthorizingRealm and when we have a bug in our implementation,
the exception gets swallowed by AbstractAuthenticator.
A comment in the code mentions it needs a warn log, but no such statement is
present:
if (ae == null) {
//Exception thrown was not an expected AuthenticationException.
Therefore it is probably a little more
//severe or unexpected. So, wrap in an
AuthenticationException, log to warn, and propagate:
String msg = "Authentication failed for token submission [" +
token + "]. Possible unexpected " +
"error? (Typical or expected login exceptions should
extend from AuthenticationException).";
ae = new AuthenticationException(msg, t);
}
--
This message was sent by Atlassian JIRA
(v6.1#6144)
