Skip to content

Commit

Permalink
add mfarequiredexception to stoIf to fix ldap
Browse files Browse the repository at this point in the history
- Prevent LDAP Authentication when local UAA authentication fails for MFAAuthenticationRequiredException
[#151568420]
Signed-off-by: Henry <Henry.zhao1@ge.com>
  • Loading branch information
Bharath committed Oct 31, 2017
1 parent 85ca4cf commit 67d0db9
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 3 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@

import org.cloudfoundry.identity.uaa.authentication.AccountNotVerifiedException;
import org.cloudfoundry.identity.uaa.authentication.AuthenticationPolicyRejectionException;
import org.cloudfoundry.identity.uaa.authentication.MfaAuthenticationRequiredException;
import org.cloudfoundry.identity.uaa.authentication.PasswordChangeRequiredException;
import org.cloudfoundry.identity.uaa.authentication.manager.ChainedAuthenticationManager.AuthenticationManagerConfiguration;
import org.cloudfoundry.identity.uaa.constants.OriginKeys;
Expand Down Expand Up @@ -72,7 +73,7 @@ protected ChainedAuthenticationManager getChainedAuthenticationManager(IdentityZ

if (uaaProvider.isActive()) {
AuthenticationManagerConfiguration uaaConfig = new AuthenticationManagerConfiguration(internalUaaAuthenticationManager, null);
uaaConfig.setStopIf(AccountNotVerifiedException.class, AuthenticationPolicyRejectionException.class, PasswordChangeRequiredException.class);
uaaConfig.setStopIf(AccountNotVerifiedException.class, AuthenticationPolicyRejectionException.class, PasswordChangeRequiredException.class, MfaAuthenticationRequiredException.class);
delegates.add(uaaConfig);
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -85,8 +85,6 @@ public void cleanup() {

@Test
public void testQRCodeScreen() {


performLogin(username);
assertEquals(zoneUrl + "/login/mfa/register", webDriver.getCurrentUrl());

Expand Down

0 comments on commit 67d0db9

Please sign in to comment.