External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-09 23:12:06 -03:30
Code Issues Packages Projects Releases Wiki Activity

Avoid NPE when checking exceptions for password based Kerberos login

Browse Source 
Closes #36061

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
This commit is contained in:
Alexander Schwartz 2024-12-19 18:03:12 +01:00 committed by Marek Posolda
parent 4669cfe9cb
commit 180be7b182
1 changed files with 17 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
federation/kerberos/src/main/java/org/keycloak/federation/kerberos/impl/KerberosUsernamePasswordAuthenticator.java
View File

@ -102,6 +102,7 @@ public class KerberosUsernamePasswordAuthenticator {
}
protected void checkKerberosServerAvailable(LoginException le) {
if (le.getMessage() != null) {
String message = le.getMessage().toUpperCase();
if (message.contains("PORT UNREACHABLE") ||
message.contains("CANNOT LOCATE") ||
@ -111,14 +112,20 @@ public class KerberosUsernamePasswordAuthenticator {
message.contains("RECEIVE TIMED OUT")) {
throw new ModelException("Kerberos unreachable", le);
}
} else if (le.getCause() instanceof IOException) {
// for example, a PortUnreachable exception if the server is not running
throw new ModelException("Kerberos unreachable", le);
}
}
protected void checkKerberosUsername(LoginException le) {
if (le.getMessage() != null) {
String message = le.getMessage();
if (message.contains("IllegalArgumentException")) {
throw new ModelException("Kerberos illegal username", le);
}
}
}
/**