SEC-453: CasAuthenticationHandler does not log root cause of AuthenticationException. #714
Labels
in: cas
An issue in spring-security-cas
type: bug
A general bug
type: jira
An issue that was migrated from JIRA
Milestone
Mat Lowery(Migrated from SEC-453) said:
Excerpt from org.acegisecurity.adapters.cas3.CasAuthenticationHandler’s authenticateUsernamePasswordInternal() method:
return false;-— excerpt begin-—try {
this.authenticationManager.authenticate(authenticationRequest);
} catch (final org.acegisecurity.AuthenticationException e) {
if (log.isDebugEnabled()) {
log.debug("Authentication request for " + credentials.getUsername() + "failed: " + e.toString());
}
}
-—- excerpt end-—-Problems (both with the log.debug() call):
- The log.debug call does not print the stack trace. This could be solved by changing the log.debug() call to:
log.debug("Authentication request for " + credentials.getUsername() + "failed: ", e);
- There needs to be a space between the credentials.getUsername() and the word “failed”.
The text was updated successfully, but these errors were encountered: