Uploaded image for project: 'atlassian-seraph'
  1. atlassian-seraph
  2. SER-146

Improve Seraph so that it leaves side effects as to why an authentication attempt failed

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • Medium
    • 2.1.5
    • 2.1.1
    • None
    • true

    Description

      Currently Seraph does not indicate why an authentication attempt failed, at least not from a in program filter or external script point of view

      So we will add a new LoginReason enum and create a X-Seraph-LoginReason header to explain how the authentication process went.

      Like this

          /**
     * The user is not allowed to even attempt a login.  They are not allowed to by the {@link
     * com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard}
     */
    AUTHENTICATION_DENIED,
    /**
     * The user could not be authenticated.
     */
    AUTHENTICATED_FAILED,
    /**
     * The user could not be authorised.
     */
    AUTHORISATION_FAILED,
    /**
     * This indicates that person has in fact logged "out"
     */
    OUT,
    /**
     * The login was OK
     */
    OK;

      Attachments

        Activity

          People

            Unassigned Unassigned
            bbaker ɹǝʞɐq pɐɹq
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              12 years, 28 weeks, 2 days ago