Better error message for expired credentials (MID-3746)

Evolveum · Dec 1, 2017 · beaaf14 · beaaf14
1 parent c28d59c
commit beaaf14
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 2 deletions.
diff --git a/gui/admin-gui/src/main/resources/localization/Midpoint.properties b/gui/admin-gui/src/main/resources/localization/Midpoint.properties
@@ -3091,6 +3091,8 @@ web.security.provider.locked=User is locked, please wait.
 web.security.provider.password.bad=User doesn't have defined password.
 web.security.provider.password.encoding=Couldn't authenticate user, reason: couldn't encode password.
 web.security.provider.unavailable=Currently we are unable to process your request. Kindly try again later.
+web.security.provider.credential.bad=Bad credentials
+web.security.provider.credential.expired=Credentials have expired
 web.security.ldap.access.denied=Access denied. You don't have permission to access, please contact Identity Manager's administrators.
 web.security.ldap.denied=Permission denied.
 web.security.ldap.disabled=User is disabled.

diff --git a/gui/admin-gui/src/main/resources/localization/Midpoint_en.properties b/gui/admin-gui/src/main/resources/localization/Midpoint_en.properties
@@ -3083,6 +3083,8 @@ web.security.provider.locked=User is locked, please wait.
 web.security.provider.password.bad=User doesn't have defined password.
 web.security.provider.password.encoding=Couldn't authenticate user, reason: couldn't encode password.
 web.security.provider.unavailable=Currently we are unable to process your request. Kindly try again later.
+web.security.provider.credential.bad=Bad credentials
+web.security.provider.credential.expired=Credentials have expired
 web.security.ldap.access.denied=Access denied. You don't have permission to access, please contact Identity Manager's administrators.
 web.security.ldap.denied=Permission denied.
 web.security.ldap.disabled=User is disabled.

diff --git a/.../src/main/java/com/evolveum/midpoint/model/impl/security/AuthenticationEvaluatorImpl.java b/.../src/main/java/com/evolveum/midpoint/model/impl/security/AuthenticationEvaluatorImpl.java
@@ -303,7 +303,7 @@ private <P extends CredentialPolicyType> void checkPasswordValidityAndAge(Connec
 				XMLGregorianCalendar passwordValidUntil = XmlTypeConverter.addDuration(changeTimestamp, maxAge);
 				if (clock.isPast(passwordValidUntil)) {
 					recordAuthenticationFailure(principal, connEnv, "password expired");
-					throw new CredentialsExpiredException(messages.getMessage("web.security.provider.password.bad"));
+					throw new CredentialsExpiredException(messages.getMessage("web.security.provider.credential.expired"));
 				}
 			}
 		}
@@ -325,7 +325,7 @@ private void checkPasswordValidityAndAge(ConnectionEnvironment connEnv, @NotNull
 				XMLGregorianCalendar passwordValidUntil = XmlTypeConverter.addDuration(changeTimestamp, maxAge);
 				if (clock.isPast(passwordValidUntil)) {
 					recordAuthenticationFailure(principal, connEnv, "password expired");
-					throw new CredentialsExpiredException(messages.getMessage("web.security.provider.password.bad"));
+					throw new CredentialsExpiredException(messages.getMessage("web.security.provider.credential.expired"));
 				}
 			}
 		}