From 8d6f71e7d1801635f6a6772176a6742e5cb394e8 Mon Sep 17 00:00:00 2001
From: Bruno Oliveira
Date: Thu, 3 Mar 2016 10:11:03 -0300
Subject: [PATCH] KEYCLOAK-2585: Changes on Brute force messages
---
 .../org/keycloak/authentication/AuthenticationProcessor.java | 2 +-
 .../browser/AbstractUsernameFormAuthenticator.java | 2 +-
 .../keycloak/testsuite/console/realm/SecurityDefensesTest.java | 2 +-
 .../test/java/org/keycloak/testsuite/forms/BruteForceTest.java | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java b/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
index fd6cd5a4d3..68c0620fb3 100755
--- a/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
+++ b/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
@@ -569,7 +569,7 @@ public class AuthenticationProcessor {
 } else if (e.getError() == AuthenticationFlowError.USER_TEMPORARILY_DISABLED) {
 logger.failedAuthentication(e);
 event.error(Errors.USER_TEMPORARILY_DISABLED);
- return ErrorPage.error(session, Messages.ACCOUNT_TEMPORARILY_DISABLED);
+ return ErrorPage.error(session, Messages.INVALID_USER);
 } else if (e.getError() == AuthenticationFlowError.INVALID_CLIENT_SESSION) {
 logger.failedAuthentication(e);
diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java
index 77d004d064..137e37086a 100755
--- a/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java
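Review bot: In AuthenticationProcessor.java the USER_TEMPORARILY_DISABLED branch now records `Errors.USER_TEMPORARILY_DISABLED` on the event but shows `Messages.INVALID_USER`, and nothing in the code says that mismatch is deliberate. A later cleanup could "correct" the message key and bring back a response that tells an unauthenticated client the account is locked, which is presumably what this change is meant to stop. I would add a comment above the return: `// Generic message on purpose (KEYCLOAK-2585): do not reveal lockout state to the client; the event keeps USER_TEMPORARILY_DISABLED for admins.` The same comment belongs on `temporarilyDisabledUser` in AbstractUsernameFormAuthenticator.java. The enclosing method starts and ends outside the hunk.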
@@ -65,7 +65,7 @@ public abstract class AbstractUsernameFormAuthenticator extends AbstractFormAuth
 protected Response temporarilyDisabledUser(AuthenticationFlowContext context) {
 return context.form()
- .setError(Messages.ACCOUNT_TEMPORARILY_DISABLED).createLogin();
+ .setError(Messages.INVALID_USER).createLogin();
 }
 protected Response invalidCredentials(AuthenticationFlowContext context) {
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/realm/SecurityDefensesTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/realm/SecurityDefensesTest.java
index 5792a739b0..9537661a5e 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/realm/SecurityDefensesTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/realm/SecurityDefensesTest.java
@@ -41,7 +41,7 @@ import static org.junit.Assert.*;
 public class SecurityDefensesTest extends AbstractRealmTest {
 public static final String INVALID_PWD_MSG = "Invalid username or password.";
- public static final String ACC_DISABLED_MSG = "Account is temporarily disabled, contact admin or try again later.";
+ public static final String ACC_DISABLED_MSG = "Invalid username or password.";
 public static final short ATTEMPTS_BAD_PWD = 2;
 public static final short ATTEMPTS_GOOD_PWD = 1;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/BruteForceTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/BruteForceTest.java
index 16d98041a9..481ea40cb8 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/BruteForceTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/BruteForceTest.java
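Review bot: In AbstractUsernameFormAuthenticator.java, `temporarilyDisabledUser` now has to be kept identical to the ordinary bad-credential response by hand. If the two ever differ in anything besides the message key (form attributes, status, extra fields), a locked account becomes distinguishable again. Only the signature of `invalidCredentials` is visible here, so this is hedged: if it builds the same login form, `temporarilyDisabledUser` could simply `return invalidCredentials(context);` so that parity holds by construction. Subclasses that override either method would need to be checked before doing that.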
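Review bot: In SecurityDefensesTest.java, `ACC_DISABLED_MSG` is now the same string as `INVALID_PWD_MSG`, so an assertion on the displayed error can no longer tell a lockout from a plain failed login. The test methods are outside the hunk, but any check that relies only on `ACC_DISABLED_MSG` would presumably still pass if brute-force detection never triggered. Lockout should be asserted through something the message does not carry, for example that a login with the correct password is still rejected while locked, or through the `USER_TEMPORARILY_DISABLED` event as BruteForceTest.java does. A comment on the constant would also help: `// Same text as INVALID_PWD_MSG on purpose: the UI must not reveal lockout (KEYCLOAK-2585).`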
@@ -359,7 +359,7 @@ public class BruteForceTest {
 loginPage.assertCurrent();
 String src = driver.getPageSource();
- Assert.assertEquals("Account is temporarily disabled, contact admin or try again later.", loginPage.getError());
+ Assert.assertEquals("Invalid username or password.", loginPage.getError());
 events.expectLogin().session((String) null).error(Errors.USER_TEMPORARILY_DISABLED)
 .detail(Details.USERNAME, "test-user@localhost")
 .removeDetail(Details.CONSENT)