Check if kerberos auth is enabled before creating the kerberos principal in LDAPStorageProvider
- prevents misleading warn messages from being logged Closes #25294 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
This commit is contained in:
parent
c30b9545ef
commit
143ccbfa15
1 changed files with 1 additions and 1 deletions
|
@ -676,7 +676,7 @@ public class LDAPStorageProvider implements UserStorageProvider,
|
|||
if(getLdapIdentityStore().getConfig().isTrustEmail()){
|
||||
imported.setEmailVerified(true);
|
||||
}
|
||||
if (kerberosConfig.getKerberosPrincipalAttribute() != null) {
|
||||
if (kerberosConfig.isAllowKerberosAuthentication() && kerberosConfig.getKerberosPrincipalAttribute() != null) {
|
||||
String kerberosPrincipal = ldapUser.getAttributeAsString(kerberosConfig.getKerberosPrincipalAttribute());
|
||||
if (kerberosPrincipal == null) {
|
||||
logger.warnf("Kerberos principal attribute not found on LDAP user [%s]. Configured kerberos principal attribute name is [%s]", ldapUser.getDn(), kerberosConfig.getKerberosPrincipalAttribute());
|
||||
|
|
Loading…
Reference in a new issue