[
https://jira.jboss.org/jira/browse/JBSEAM-2164?page=com.atlassian.jira.pl...
]
Oikonomopoulos Spyros commented on JBSEAM-2164:
-----------------------------------------------
Hello, it is actually partially fixed (at least until 2.2.0GA):
{code:java}
try
{
NameCallback cbName = new NameCallback("Enter username");
PasswordCallback cbPassword = new PasswordCallback("Enter password",
false);
// Get the username and password from the callback handler
callbackHandler.handle(new Callback[] { cbName, cbPassword });
username = cbName.getName();
}
catch (Exception ex)
{
log.warn("Error logging in");
LoginException le = new LoginException(ex.getMessage());
le.initCause(ex);
throw le;
}
// If an authentication method has been specified, use that to authenticate
MethodExpression mb = Identity.instance().getAuthenticateMethod();
if (mb != null)
{
try
{
return (Boolean) mb.invoke();
}
catch (Exception ex)
{
log.warn("Error invoking login method", ex);
throw new LoginException(ex.getMessage());
}
}
{code}
The second block does not initialize the cause
Improve exception chaining in SeamLoginModule
---------------------------------------------
Key: JBSEAM-2164
URL:
https://jira.jboss.org/jira/browse/JBSEAM-2164
Project: Seam
Issue Type: Feature Request
Components: Security
Affects Versions: 2.0.0.CR3
Reporter: Yannick Lazzari
Assignee: Shane Bryzak
Priority: Minor
Fix For: 2.0.1.CR2
This an improvement request in the SeamLoginModule class to properly chain exceptions
when throwing LoginExceptions in the login method. See code below:
public boolean login()
throws LoginException
{
try
{
NameCallback cbName = new NameCallback("Enter username");
PasswordCallback cbPassword = new PasswordCallback("Enter password",
false);
// Get the username and password from the callback handler
callbackHandler.handle(new Callback[] { cbName, cbPassword });
username = cbName.getName();
}
catch (Exception ex)
{
log.error("Error logging in", ex);
throw new LoginException(ex.getMessage());
}
MethodExpression mb = Identity.instance().getAuthenticateMethod();
if (mb==null)
{
throw new IllegalStateException("No authentication method defined - please
define <security:authenticate-method/> for <security:identity/> in
components.xml");
}
try
{
return (Boolean) mb.invoke();
}
catch (Exception ex)
{
log.error("Error invoking login method", ex);
throw new LoginException(ex.getMessage());
}
}
In both instances where a LoginException is thrown, only the message is passed to the
constructor of the LoginException. I know that the LoginException does not overload the
constructor to pass a cause directly but we can use the initCause method instead:
LoginException loginException = new LoginException();
loginException.initCause(originalException);
throw loginException;
If people use typed exceptions in their authenticator method to express different reasons
why the login attempt failed, it's impossible right now to get that original
exception.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira