diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java index 400b1465fa..5d896dfba9 100644 --- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java +++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java @@ -26,6 +26,7 @@ import com.google.gerrit.server.account.AccountManager; import com.google.gerrit.server.account.AccountState; import com.google.gerrit.server.account.AuthRequest; import com.google.gerrit.server.account.AuthResult; +import com.google.gerrit.server.account.AuthenticationFailedException; import com.google.gerrit.server.auth.NoSuchUserException; import com.google.gerrit.server.config.AuthConfig; import com.google.inject.Inject; @@ -168,6 +169,10 @@ class ProjectBasicAuthFilter implements Filter { rsp.sendError(SC_UNAUTHORIZED); return false; } + } catch (AuthenticationFailedException e) { + log.warn("Authentication failed for " + username + ": " + e.getMessage()); + rsp.sendError(SC_UNAUTHORIZED); + return false; } catch (AccountException e) { log.warn("Authentication failed for " + username, e); rsp.sendError(SC_UNAUTHORIZED); diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/AuthenticationFailedException.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/AuthenticationFailedException.java new file mode 100644 index 0000000000..50fb79bd64 --- /dev/null +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/AuthenticationFailedException.java @@ -0,0 +1,26 @@ +// Copyright (C) 2015 The Android Open Source Project +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package com.google.gerrit.server.account; + +import com.google.gerrit.server.account.AccountException; + +/** Authentication failed due to incorrect user or password. */ +public class AuthenticationFailedException extends AccountException { + private static final long serialVersionUID = 1L; + + public AuthenticationFailedException(String message, Throwable why) { + super(message, why); + } +} diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java index 4c29c9b225..966c77ac86 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java @@ -20,6 +20,7 @@ import com.google.common.collect.ImmutableSet; import com.google.gerrit.common.data.ParameterizedString; import com.google.gerrit.reviewdb.client.AccountGroup; import com.google.gerrit.server.account.AccountException; +import com.google.gerrit.server.account.AuthenticationFailedException; import com.google.gerrit.server.auth.NoSuchUserException; import com.google.gerrit.server.config.ConfigUtil; import com.google.gerrit.server.config.GerritServerConfig; @@ -172,7 +173,7 @@ import javax.security.auth.login.LoginException; try { return new InitialDirContext(env); } catch (NamingException e) { - throw new AccountException("Incorrect username or password", e); + throw new AuthenticationFailedException("Incorrect username or password", e); } }