Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

One Time Token user lookup should fail with BadCredentialsException #16494

Closed
jzheaux opened this issue Jan 28, 2025 · 1 comment · May be fixed by #16506
Closed

One Time Token user lookup should fail with BadCredentialsException #16494

jzheaux opened this issue Jan 28, 2025 · 1 comment · May be fixed by #16506
Assignees
@jzheaux
Labels
in: core An issue in spring-security-core status: duplicate A duplicate of another issue type: enhancement A general enhancement
Milestone
6.5.x

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Jan 28, 2025
edited
Loading

When credentials fail authentication, Spring Security conventionally throws BadCredentialsException.

OneTimeTokenAuthenticationProvider should catch UsernameNotFoundException, wrap it, and rethrow as BadCredentialsException.
@jzheaux jzheaux added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels Jan 28, 2025
franticticktick added a commit to franticticktick/spring-security that referenced this issue Jan 30, 2025
@franticticktick
Add Support BadCredentialsException to OneTimeTokenAuthenticationProv…
f178331 
…ider

Closes spring-projectsgh-16494

Signed-off-by: Max Batischev <[email protected]>
@franticticktick franticticktick mentioned this issue Jan 30, 2025
Open
franticticktick added a commit to franticticktick/spring-security that referenced this issue Jan 30, 2025
@franticticktick
Add Support BadCredentialsException to OneTimeTokenAuthenticationProv…
c58dfe3 
…ider

Closes spring-projectsgh-16494

Signed-off-by: Max Batischev <[email protected]>
@jzheaux jzheaux added in: core An issue in spring-security-core and removed status: waiting-for-triage An issue we've not yet triaged labels Feb 3, 2025
@jzheaux jzheaux added this to the 6.5.x milestone Feb 3, 2025
@jzheaux jzheaux self-assigned this Feb 3, 2025
@jzheaux jzheaux added the status: duplicate A duplicate of another issue label Feb 3, 2025
@jzheaux
Copy link
Contributor Author

jzheaux commented Feb 3, 2025

Closed in favor of #16506

@jzheaux jzheaux closed this as completed Feb 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: core An issue in spring-security-core status: duplicate A duplicate of another issue type: enhancement A general enhancement
Projects
None yet
Milestone
6.5.x
Development

Successfully merging a pull request may close this issue.

Add BadCredentialsException to OneTimeTokenAuthenticationProvider franticticktick/spring-security
1 participant
@jzheaux