spring-security-kerberos icon indicating copy to clipboard operation
spring-security-kerberos copied to clipboard

Published 20 hours ago verified publisher icon spring-projects

KerberosServiceAuthenticationProvider should convert GSSException

Open BrunoEberhard opened this issue 7 years ago • 0 comments

In KerberosServiceAuthenticationProvider the method authenticate may throw GSSException. As GSSException is not a AuthenticationException this causes the ProviderManager to skip other AuthenticationProviders and lead to a 500 response in a web appliction.

GSSException is checked but not declared. See KerberosValidateAction run method. The acceptSecContext generates sometimes a GSSException.

BrunoEberhard avatar Aug 10 '17 11:08 BrunoEberhard