Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-40571

Don't log stack trace for basic auth in the absence of an auth header

    Details

    • Type: Task
    • Status: Verified
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 12.3
    • Fix Version/s: 12.6, 19.0
    • Component/s: None
    • Labels:
      None
    • 12 status:
      Resolved
    • Test Plan:
      Hide

      Please add a Test Plan here.

      Show
      Please add a Test Plan here.

      Description

      For some reason, basic auth in 12.x logs a stack trace complaining about missing values when configured with:

      allow.basic.auth.login = true

      and you access a URL like this:

      curl https://some.server/direct/session.json

      you get:

      2018-06-24 16:19:55,888 ERROR ajp-nio-8009-exec-60 org.sakaiproject.util.BasicAuth - missing required fields
      org.sakaiproject.user.api.AuthenticationException: missing required fields
      at org.sakaiproject.util.BasicAuth.doLogin(BasicAuth.java:241)
      at org.sakaiproject.entitybroker.servlet.SakaiDirectServlet.dispatch(SakaiDirectServlet.java:142)
      at org.sakaiproject.entitybroker.util.servlet.DirectServlet.handleRequest(DirectServlet.java:159)
      at org.sakaiproject.entitybroker.util.servlet.DirectServlet.service(DirectServlet.java:134)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
      

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                smarquard Stephen Marquard
                Reporter:
                smarquard Stephen Marquard
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Git Source Code