Merge pull request #3729 from mposolda/master
KEYCLOAK-4178 Bad error message when kerberos provider unavailable
This commit is contained in:
Marek Posolda
GitHub
commit
be4f2aff63
2 changed files with 32 additions and 3 deletions
|
|
@ -99,7 +99,12 @@ public class KerberosUsernamePasswordAuthenticator {
|
||||||
}
|
}
|
||||||
|
|
||||||
protected void checkKerberosServerAvailable(LoginException le) {
|
protected void checkKerberosServerAvailable(LoginException le) {
|
||||||
if (le.getMessage().contains("Port Unreachable")) {
|
String message = le.getMessage().toUpperCase();
|
||||||
|
if (message.contains("PORT UNREACHABLE") ||
|
||||||
|
message.contains("CANNOT LOCATE") ||
|
||||||
|
message.contains("CANNOT CONTACT") ||
|
||||||
|
message.contains("CANNOT FIND") ||
|
||||||
|
message.contains("UNKNOWN ERROR")) {
|
||||||
throw new ModelException("Kerberos unreachable", le);
|
throw new ModelException("Kerberos unreachable", le);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -25,9 +25,7 @@ import java.util.regex.Pattern;
|
||||||
|
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
|
|
||||||
import org.junit.After;
|
|
||||||
import org.junit.Assert;
|
import org.junit.Assert;
|
||||||
import org.junit.Before;
|
|
||||||
import org.junit.ClassRule;
|
import org.junit.ClassRule;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.keycloak.common.constants.KerberosConstants;
|
import org.keycloak.common.constants.KerberosConstants;
|
||||||
|
|
@ -37,6 +35,7 @@ import org.keycloak.federation.kerberos.KerberosConfig;
|
||||||
import org.keycloak.federation.kerberos.KerberosFederationProviderFactory;
|
import org.keycloak.federation.kerberos.KerberosFederationProviderFactory;
|
||||||
import org.keycloak.models.utils.ModelToRepresentation;
|
import org.keycloak.models.utils.ModelToRepresentation;
|
||||||
import org.keycloak.representations.idm.ComponentRepresentation;
|
import org.keycloak.representations.idm.ComponentRepresentation;
|
||||||
|
import org.keycloak.representations.idm.UserRepresentation;
|
||||||
import org.keycloak.storage.UserStorageProvider;
|
import org.keycloak.storage.UserStorageProvider;
|
||||||
import org.keycloak.storage.UserStorageProviderModel;
|
import org.keycloak.storage.UserStorageProviderModel;
|
||||||
import org.keycloak.testsuite.util.KerberosRule;
|
import org.keycloak.testsuite.util.KerberosRule;
|
||||||
|
|
@ -158,4 +157,29 @@ public class KerberosStandaloneTest extends AbstractKerberosTest {
|
||||||
testRealmResource().components().add(kerberosProvider);
|
testRealmResource().components().add(kerberosProvider);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* KEYCLOAK-4178
|
||||||
|
*
|
||||||
|
* Assert it's handled when kerberos realm is unreachable
|
||||||
|
*
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
@Test
|
||||||
|
public void handleUnknownKerberosRealm() throws Exception {
|
||||||
|
// Switch kerberos realm to "unavailable"
|
||||||
|
List<ComponentRepresentation> reps = testRealmResource().components().query("test", UserStorageProvider.class.getName());
|
||||||
|
org.keycloak.testsuite.Assert.assertEquals(1, reps.size());
|
||||||
|
ComponentRepresentation kerberosProvider = reps.get(0);
|
||||||
|
kerberosProvider.getConfig().putSingle(KerberosConstants.KERBEROS_REALM, "unavailable");
|
||||||
|
testRealmResource().components().component(kerberosProvider.getId()).update(kerberosProvider);
|
||||||
|
|
||||||
|
// Try register new user and assert it failed
|
||||||
|
UserRepresentation john = new UserRepresentation();
|
||||||
|
john.setUsername("john");
|
||||||
|
Response response = testRealmResource().users().create(john);
|
||||||
|
Assert.assertEquals(500, response.getStatus());
|
||||||
|
response.close();
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue