-
Type:
Bug
-
Status: Resolved
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 11.0.0, 11.0.1, 11.0.2, 11.0.3, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.0.4, 13.0.0, 13.5.0, 13.5.1, 14.0.0, 14.1.0, 14.1.1, 14.5.0, 14.5.1, 5.5.1
-
Component/s: authentication
-
Target Version/s:
-
Rank:1|hzv9u7:
-
Sprint:AM Sustaining Sprint 49, AM Sustaining Sprint 50, AM Sustaining Sprint 51
-
Story Points:1
-
Needs backport:Yes
-
Support Ticket IDs:
-
Needs QA verification:No
-
Functional tests:No
-
Are the reproduction steps defined?:Yes and I used the same an in the description
Bug description
using LDAP authentication module, response controls received from the LDAP server are not logged in Authentication debug log
How to reproduce the issue
- Configure AM
- Configure OpenLDAP as user data store
- Configure LDAP Auth module to use OpenLDAP
- Use LDAP auth module for authentication
Expected behaviour
The response controls sent by the Directory Server should be seen in Authentication debug log in 'message' level for troubleshooting purpose.
Current behaviour
Response Controls do not show up in Authentication debug logs.
Code analysis
org.forgerock.openam.ldap.LDAPAuthUtils.java
... private List<Control> processControls(Result result) { if (result == null) { return Collections.EMPTY_LIST; } List<Control> controls = new ArrayList<Control>(); DecodeOptions options = new DecodeOptions(); Control c; try { c = result.getControl(PasswordExpiredResponseControl.DECODER, options); if (c != null) { controls.add(c); } } catch (DecodeException de) { if (debug.warningEnabled()) { debug.warning("unable to decode PasswordExpiredResponseControl", de); } } try { c = result.getControl(PasswordExpiringResponseControl.DECODER, options); if (c != null) { controls.add(c); } } catch (DecodeException de) { if (debug.warningEnabled()) { debug.warning("unable to decode PasswordExpiringResponseControl", de); } } try { c = result.getControl(PasswordPolicyResponseControl.DECODER, options); if (c != null) { controls.add(c); } } catch (DecodeException de) { if (debug.warningEnabled()) { debug.warning("unable to decode PasswordPolicyResponseControl", de); } } return controls; } ...