archive-gh-me/onedev
1
0
Fork 0
mirror of https://github.com/theonedev/onedev.git synced 2026-02-01 17:37:19 +00:00
Code Issues Projects Releases Wiki Activity

Fix issue #889 - Security: login dialog

Browse Source
This commit is contained in:
Robin Shen 2022-08-25 13:12:42 +08:00
parent 759e02d02d
commit b8428366f7
3 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server-core/src/main/java/io/onedev/server/rest/exception/IncorrectCredentialsExceptionHandler.java
View File

@ -15,7 +15,7 @@ public class IncorrectCredentialsExceptionHandler extends AbstractExceptionHandl
public Response getResponse(IncorrectCredentialsException exception) {
return Response
.status(Response.Status.UNAUTHORIZED)
.entity("Incorrect credentials")
.entity("Invalid credentials")
.type(MediaType.TEXT_PLAIN)
.build();
}

2
server-core/src/main/java/io/onedev/server/rest/exception/UnknownUserExceptionHandler.java
View File

@ -15,7 +15,7 @@ public class UnknownUserExceptionHandler extends AbstractExceptionHandler<Unknow
public Response getResponse(UnknownAccountException exception) {
return Response
.status(Response.Status.UNAUTHORIZED)
.entity("Unknown user")
.entity("Invalid credentials")
.type(MediaType.TEXT_PLAIN)
.build();
}

6
server-plugin/server-plugin-authenticator-ldap/src/main/java/io/onedev/server/plugin/authenticator/ldap/LdapAuthenticator.java
View File

@ -227,7 +227,7 @@ public class LdapAuthenticator extends Authenticator {
}
NamingEnumeration<SearchResult> results = ctx.search(userSearchBase, userSearchFilter, searchControls);
if (results == null || !results.hasMore())
throw new UnknownAccountException("Unknown account");
throw new UnknownAccountException("Invalid credentials");
SearchResult searchResult = (SearchResult) results.next();
String userDN = searchResult.getNameInNamespace();
@ -251,10 +251,10 @@ public class LdapAuthenticator extends Authenticator {
ldapEnv.put(Context.SECURITY_CREDENTIALS, new String(token.getPassword()));
DirContext userCtx = null;
try {
logger.debug("Authenticating user by binding as '" + userDN + "'...");
userCtx = new InitialDirContext(ldapEnv);
} catch (AuthenticationException e) {
throw new org.apache.shiro.authc.AuthenticationException("Unable to bind as '" + userDN + "'", e);
logger.error("Unable to bind as '" + userDN + "'", e);
throw new org.apache.shiro.authc.AuthenticationException("Invalid credentials");
} finally {
if (userCtx != null) {
try {