500 Internal Server Error on invalid password #19
Labels
bug
Something isn't working
Comments
|
Hi, thanks for reporting, it certainly looks like a bug and the client shall get 401. P.S.: While I'll try to work on this, there is no specific timeline to solve this atm, PR, as always, is welcomed. It's just not sth that I personally have issues with so it's not an imminent problem for my scenario, despite it sux and better be fixed. |
|
Understood. Thank you for looking into it when you have time. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When entering username correctly and password wrong, the client browser gets a "500 Internal Server Error" and the logs show:
time="2021-01-28T01:11:03Z" level=warning msg="Failed to authenticate: LDAP Result Code 49 \"Invalid Credentials\": 80090308: LdapErr: DSID-0C09044E, comment: AcceptSecurityContext error, data 775, v2580\x00" time="2021-01-28T01:11:03Z" level=debug msg="<<< GET /auth 401"Shouldn't the client be getting a 401 instead of a 500?
Other login failures where the username is wrong give the client a 401:
time="2021-01-28T00:59:49Z" level=warning msg="Failed to authenticate: User does not exist" time="2021-01-28T00:59:49Z" level=debug msg="<<< GET /auth 401"The text was updated successfully, but these errors were encountered: