KEYCLOAK-2585: Changes on Brute force messages
This commit is contained in:
parent
002074bb30
commit
8d6f71e7d1
4 changed files with 4 additions and 4 deletions
|
@ -569,7 +569,7 @@ public class AuthenticationProcessor {
|
|||
} else if (e.getError() == AuthenticationFlowError.USER_TEMPORARILY_DISABLED) {
|
||||
logger.failedAuthentication(e);
|
||||
event.error(Errors.USER_TEMPORARILY_DISABLED);
|
||||
return ErrorPage.error(session, Messages.ACCOUNT_TEMPORARILY_DISABLED);
|
||||
return ErrorPage.error(session, Messages.INVALID_USER);
|
||||
|
||||
} else if (e.getError() == AuthenticationFlowError.INVALID_CLIENT_SESSION) {
|
||||
logger.failedAuthentication(e);
|
||||
|
|
|
@ -65,7 +65,7 @@ public abstract class AbstractUsernameFormAuthenticator extends AbstractFormAuth
|
|||
|
||||
protected Response temporarilyDisabledUser(AuthenticationFlowContext context) {
|
||||
return context.form()
|
||||
.setError(Messages.ACCOUNT_TEMPORARILY_DISABLED).createLogin();
|
||||
.setError(Messages.INVALID_USER).createLogin();
|
||||
}
|
||||
|
||||
protected Response invalidCredentials(AuthenticationFlowContext context) {
|
||||
|
|
|
@ -41,7 +41,7 @@ import static org.junit.Assert.*;
|
|||
public class SecurityDefensesTest extends AbstractRealmTest {
|
||||
|
||||
public static final String INVALID_PWD_MSG = "Invalid username or password.";
|
||||
public static final String ACC_DISABLED_MSG = "Account is temporarily disabled, contact admin or try again later.";
|
||||
public static final String ACC_DISABLED_MSG = "Invalid username or password.";
|
||||
public static final short ATTEMPTS_BAD_PWD = 2;
|
||||
public static final short ATTEMPTS_GOOD_PWD = 1;
|
||||
|
||||
|
|
|
@ -359,7 +359,7 @@ public class BruteForceTest {
|
|||
|
||||
loginPage.assertCurrent();
|
||||
String src = driver.getPageSource();
|
||||
Assert.assertEquals("Account is temporarily disabled, contact admin or try again later.", loginPage.getError());
|
||||
Assert.assertEquals("Invalid username or password.", loginPage.getError());
|
||||
events.expectLogin().session((String) null).error(Errors.USER_TEMPORARILY_DISABLED)
|
||||
.detail(Details.USERNAME, "test-user@localhost")
|
||||
.removeDetail(Details.CONSENT)
|
||||
|
|
Loading…
Reference in a new issue