Error codes
LdapAuth returns an error code with a message if the JSON-RPC 2.0 request failed for some reason.
The error codes fall into three ranges according to their category:
| Range | Type |
|---|---|
| -2000 .. -2099 | User authentication and provisioning exceptions, such as LDAP directory exceptions. |
| -31100 .. -31199 | Access denied messages, such as access denied due to a blocked client IP address. |
| -32000 .. -32768 | Standard JSON-RPC 2.0 protocol errors. These are codes reserved by the RPC protocol to indicate errors such as badly formatted JSON-RPC 2.0 requests or invalid method parameters. |
Here is an example JSON-RPC 2.0 response that reports an -2000 error:
{ "error" : { "message" : "Bad username/password",
"code" : -2000 },
"id" : "0001",
"jsonrpc" : "2.0" }
The exact format of error responses is described in the JSON-RPC 2.0 specification.
LdapAuth keeps error messages deliberately concise. To obtain more information about the cause of an error examine the LdapAuth log file (logging must be enabled at INFO level).
User authentication and provisioning exceptions
This section lists JSON-RPC 2.0 errors indicating user authentication and attribute provisioning exceptions, such as LDAP directory exceptions.
| Code | Message |
|---|---|
| -2000 | Bad username/password |
| -2010 | “user.auth” requests denied |
| -2011 | “user.authGet” requests denied |
| -2012 | “user.get” requests denied |
| -2013 | “user.resolveDN” requests denied |
| -2020 | Json2Ldap/LDAP connection retrieval denied |
| -2030 | Json2Ldap/LDAP connection retrieval not supported by backend |
| -2031 | User DN resolution not supported/configured |
| -2032 | User attributes retrieval not supported/configured |
| -2033 | Directory connector stats not supported |
| -2040 | LDAP/Json2Ldap backend service exception |
Access denied messages
This section lists JSON-RPC 2.0 errors indicating the client was denied access to LdapAuth, e.g. due to a blocked client IP address.
| Code | Message |
|---|---|
| -31100 | Requests must be sent over HTTPS |
| -31105 | Client IP address denied access |
| -31110 | Trusted client X.509 certificate required |
| -31111 | Invalid client X.509 certificate principal DN |
| -31112 | Client X.509 certificate principal denied |
| -31120 | API key filter requires named JSON-RPC 2.0 parameters |
| -31121 | Missing API key |
| -31123 | API key denied access |
JSON-RPC 2.0 specific errors
Errors with codes between -32000 and -32768 are reserved by the JSON-RPC 2.0 specification to indicate a general protocol exception.
| Code | Message |
|---|---|
| -32700 | JSON parse error |
| -32600 | Invalid request |
| -32601 | Method not found |
| -32602 | Invalid parameters |
| -32603 | Internal error |