Uploaded image for project: 'OpenId Connect'
  1. OpenId Connect
  2. OIDC-109

Error page for authentication failure

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Difficulty:
      Unknown
    • Similar issues:

      Description

      Are there any plans to show an error page if the user is not allowed to authenticate?

      Currently, if the user is, for example, not in the allowed groups list, a generic error page with the stacktrace is shown – which is not very user friendly.

      HTTP Status 500 – Internal Server ErrorType Exception ReportMessage Failed to handle Resource Reference [path = authenticator/callback, endpoint = authenticator, pathSegments = [callback]]Description The server encountered an unexpected condition that prevented it from fulfilling the request.Exceptionjavax.servlet.ServletException: Failed to handle Resource Reference [path = authenticator/callback, endpoint = authenticator, pathSegments = [callback]]
      	org.xwiki.resource.servlet.ResourceReferenceHandlerServlet.handleResourceReference(ResourceReferenceHandlerServlet.java:161)
      	org.xwiki.resource.servlet.ResourceReferenceHandlerServlet.service(ResourceReferenceHandlerServlet.java:87)
      	javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
      	org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
      	org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:145)
      Root Causeorg.xwiki.resource.ResourceReferenceHandlerException: Failed to handle http servlet request
      	org.xwiki.contrib.oidc.provider.internal.OIDCResourceReferenceHandler.handle(OIDCResourceReferenceHandler.java:110)
      	org.xwiki.resource.internal.DefaultResourceReferenceHandlerChain.handleNext(DefaultResourceReferenceHandlerChain.java:79)
      	org.xwiki.resource.internal.AbstractResourceReferenceHandlerManager.handle(AbstractResourceReferenceHandlerManager.java:82)
      	org.xwiki.resource.servlet.ResourceReferenceHandlerServlet.handleResourceReference(ResourceReferenceHandlerServlet.java:159)
      	org.xwiki.resource.servlet.ResourceReferenceHandlerServlet.service(ResourceReferenceHandlerServlet.java:87)
      	javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
      	org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
      	org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:145)
      Root Causeorg.xwiki.contrib.oidc.provider.internal.OIDCException: The user is not allowed to authenticate because it's not a member of the following groups: [XWikiAllGroup]
      	org.xwiki.contrib.oidc.auth.internal.OIDCUserManager.checkAllowedGroups(OIDCUserManager.java:244)
      	org.xwiki.contrib.oidc.auth.internal.OIDCUserManager.updateUser(OIDCUserManager.java:305)
      	org.xwiki.contrib.oidc.auth.internal.OIDCUserManager.updateUserInfo(OIDCUserManager.java:193)
      	org.xwiki.contrib.oidc.auth.internal.OIDCUserManager.updateUserInfo(OIDCUserManager.java:161)
      	org.xwiki.contrib.oidc.auth.internal.endpoint.CallbackOIDCEndpoint.handle(CallbackOIDCEndpoint.java:201)
      	org.xwiki.contrib.oidc.provider.internal.OIDCResourceReferenceHandler.handle(OIDCResourceReferenceHandler.java:134)
      	org.xwiki.contrib.oidc.provider.internal.OIDCResourceReferenceHandler.handle(OIDCResourceReferenceHandler.java:108)
      	org.xwiki.resource.internal.DefaultResourceReferenceHandlerChain.handleNext(DefaultResourceReferenceHandlerChain.java:79)
      	org.xwiki.resource.internal.AbstractResourceReferenceHandlerManager.handle(AbstractResourceReferenceHandlerManager.java:82)
      	org.xwiki.resource.servlet.ResourceReferenceHandlerServlet.handleResourceReference(ResourceReferenceHandlerServlet.java:159)
      	org.xwiki.resource.servlet.ResourceReferenceHandlerServlet.service(ResourceReferenceHandlerServlet.java:87)
      	javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
      	org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
      	org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:145)
      

      It would be nice to have some kind of access denied message for non technical users.

      I'm not familiar with the XWiki codebase yet, so i'm not sure where to start to help improve this behaviour.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            marius Marius
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Date of First Response: