commit
ddee72c756
3 changed files with 18 additions and 2 deletions
|
@ -327,6 +327,10 @@ public class LDAPOperationManager {
|
|||
InitialContext authCtx = null;
|
||||
|
||||
try {
|
||||
if (password == null || password.isEmpty()) {
|
||||
throw new Exception("Empty password used");
|
||||
}
|
||||
|
||||
Hashtable<String, Object> env = new Hashtable<String, Object>(this.connectionProperties);
|
||||
|
||||
env.put(Context.SECURITY_PRINCIPAL, dn);
|
||||
|
|
|
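Review bot: The new empty-password guard throws a bare `Exception` and has no comment saying why an empty password must never reach the bind. Under RFC 4513 a simple bind with a DN and a zero-length password is an unauthenticated bind that many directory servers answer with success, so this check is what stops an empty password from authenticating a known DN. I would record that above the `if`, e.g. `// DN + empty password is an LDAP "unauthenticated bind" (RFC 4513 5.1.2) and may succeed on the server; reject it before binding.` A typed `throw new javax.naming.AuthenticationException("Empty password used");` would also let callers tell a rejected credential from an infrastructure failure. The `catch`/`finally` of this `try` lie outside the hunk, so confirm the exception is handled there as a failed authentication.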
@ -31,7 +31,7 @@ public class ValidatePassword extends AbstractDirectGrantAuthenticator {
|
|||
MultivaluedMap<String, String> inputData = context.getHttpRequest().getDecodedFormParameters();
|
||||
List<UserCredentialModel> credentials = new LinkedList<>();
|
||||
String password = inputData.getFirst(CredentialRepresentation.PASSWORD);
|
||||
if (password == null) {
|
||||
if (password == null || password.isEmpty()) {
|
||||
if (context.getUser() != null) {
|
||||
context.getEvent().user(context.getUser());
|
||||
}
|
||||
|
|
|
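Review bot: The widened condition `password == null || password.isEmpty()` has no comment tying it to the LDAP bind problem, so a later cleanup could narrow it back to the null check. I would add `// Reject empty passwords up front; an LDAP-backed provider could otherwise send them as an unauthenticated bind.` above the `if`. The body of this branch continues outside the hunk, so it is worth confirming that it records the same event error and returns the same 401 response as a wrong password, so a client cannot tell the two cases apart.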
@ -27,6 +27,7 @@ import org.keycloak.models.UserFederationProvider;
|
|||
import org.keycloak.models.UserFederationProviderModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.representations.AccessToken;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.testsuite.OAuthClient;
|
||||
import org.keycloak.testsuite.pages.AccountPasswordPage;
|
||||
|
@ -43,6 +44,8 @@ import org.openqa.selenium.WebDriver;
|
|||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
||||
*/
|
||||
|
@ -247,6 +250,16 @@ public class FederationProvidersIntegrationTest {
|
|||
Assert.assertEquals("john@email.org", profilePage.getEmail());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loginLdapWithDirectGrant() throws Exception {
|
||||
OAuthClient.AccessTokenResponse response = oauth.doGrantAccessTokenRequest("password", "johnkeycloak", "Password1");
|
||||
assertEquals(200, response.getStatusCode());
|
||||
AccessToken accessToken = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
response = oauth.doGrantAccessTokenRequest("password", "johnkeycloak", "");
|
||||
assertEquals(401, response.getStatusCode());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loginLdapWithEmail() {
|
||||
loginPage.open();
|
||||
|
@ -260,7 +273,6 @@ public class FederationProvidersIntegrationTest {
|
|||
public void loginLdapWithoutPassword() {
|
||||
loginPage.open();
|
||||
loginPage.login("john@email.org", "");
|
||||
|
||||
Assert.assertEquals("Invalid username or password.", loginPage.getError());
|
||||
}
|
||||
|
||||
|
|
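Review bot: `loginLdapWithDirectGrant` checks only the status code on the empty-password request, and the `accessToken` local from the successful request is assigned but never asserted on. After `assertEquals(401, response.getStatusCode());` I would add `Assert.assertNull(response.getAccessToken());` so that a 401 response which still carries a token cannot pass. Either assert something on `accessToken` or drop the local and keep the `oauth.verifyToken(...)` call for its verification effect (presumably it fails on an invalid token). A request with the password parameter absent would also cover the `null` half of the new guard, if the `OAuthClient` helper allows it.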