Skip to content

Throw AuthenticationException if failed to conn due to auth errors #315

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Feb 6, 2017
Merged

Throw AuthenticationException if failed to conn due to auth errors #315

merged 2 commits into from
Feb 6, 2017

Conversation

zhenlineo
Copy link
Contributor

This includes the error that the client provide a wrong credentials and
the server provides a wrong certificate.

technige
technige reviewed Feb 2, 2017
View reviewed changes
driver/src/main/java/org/neo4j/driver/internal/security/TLSSocketChannel.java Outdated
@@ -81,7 +82,7 @@ public static TLSSocketChannel create( ByteChannel channel, Logger logger, SSLEn
}
catch ( SSLHandshakeException e )
{
throw new ClientException( "Failed to establish secured connection with the server: " + e.getMessage(), e );
throw new UnauthorizedException( "Failed to establish secured connection with the server: " + e.getMessage(), e );
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure that we should reuse UnauthorizedException for TLS handshake failure as well as for actual login failure. The Python driver uses ServiceUnavailable here but that doesn't seem quite right either.

Perhaps we should have something separate such as SecurityLayerUnavailable?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would prefer to have fewer public errors. So how about change both of them to SecurityException/AuthorizationException?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1 for AuthorizationException

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the name is fine as-is for login failure but why would fewer errors be useful here? Login failure could trigger an application code path that requires the user to enter new login details whereas an SSL handshake failure should not.

lutovich
lutovich reviewed Feb 2, 2017
View reviewed changes
Copy link
Contributor

@lutovich lutovich left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@zhenlineo changes look good, name of UnauthorizedException is probably the only thing that could be improved.

@zhenlineo
Copy link
Contributor Author

Will merge this one latter after the big routing specification change, as it should be easier to rebase this PR

Zhen added 2 commits February 6, 2017 10:08
Throw UnauthorizedException if failed to conn due to auth errors
159c655 
This includes the error that the client provide a wrong credentials and
the server provides a wrong certificate.
Added top class SecurityException for all errors that related to secu…
19b45fd 
…rity

Changed from UnauthorizedException to AuthenticationException for wrong username/password
Use SecurityException for failed to tls handshake
@zhenlineo zhenlineo merged commit db06302 into neo4j:1.1 Feb 6, 2017
@zhenlineo zhenlineo deleted the 1.1-auth-error branch February 6, 2017 09:30
@lutovich lutovich changed the title Throw UnauthorizedException if failed to conn due to auth errors Throw AuthenticationException if failed to conn due to auth errors Feb 9, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@technige technige technige left review comments

@lutovich lutovich lutovich approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@zhenlineo @technige @lutovich