KEYCLOAK-19575: Different user authenticated results in server error instead of bad request
This commit is contained in:
parent
b4c837f148
commit
c392538f69
1 changed files with 1 additions and 1 deletions
|
@ -1042,7 +1042,7 @@ public class AuthenticationProcessor {
|
||||||
if (!authSession.getAuthenticatedUser().equals(userSession.getUser())) {
|
if (!authSession.getAuthenticatedUser().equals(userSession.getUser())) {
|
||||||
event.detail(Details.EXISTING_USER, userSession.getUser().getId());
|
event.detail(Details.EXISTING_USER, userSession.getUser().getId());
|
||||||
event.error(Errors.DIFFERENT_USER_AUTHENTICATED);
|
event.error(Errors.DIFFERENT_USER_AUTHENTICATED);
|
||||||
throw new ErrorPageException(session, authSession, Response.Status.INTERNAL_SERVER_ERROR, Messages.DIFFERENT_USER_AUTHENTICATED, userSession.getUser().getUsername());
|
throw new ErrorPageException(session, authSession, Response.Status.BAD_REQUEST, Messages.DIFFERENT_USER_AUTHENTICATED, userSession.getUser().getUsername());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
userSession.setState(UserSessionModel.State.LOGGED_IN);
|
userSession.setState(UserSessionModel.State.LOGGED_IN);
|
||||||
|
|
Loading…
Reference in a new issue