Open enridaga opened 8 years ago
Trace is something like:
org.apache.shiro.authc.UnknownAccountException: No account found for user [enrico]
at org.apache.shiro.realm.jdbc.JdbcRealm.doGetAuthenticationInfo(JdbcRealm.java:238) ~[basil-server-0.4.0-SNAPSHOT.jar:?]
at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568) ~[basil-server-0.4.0-SNAPSHOT.jar:?]
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180) ~[basil-server-0.4.0-SNAPSHOT.jar:?]
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267) ~[basil-server-0.4.0-SNAPSHOT.jar:?]
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) ~[basil-server-0.4.0-SNAPSHOT.jar:?]
at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) ~[basil-server-0.4.0-SNAPSHOT.jar:?]
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270) ~[basil-server-0.4.0-SNAPSHOT.jar:?]
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) ~[basil-server-0.4.0-SNAPSHOT.jar:?]
at uk.ac.open.kmi.basil.rest.auth.Auth
We should avoid to print this stacktrace as well, and not pollute the logs.
We should return a proper status and message instead