prefer IllegalArgumentException when escapeHatchEnabled in FIPS mode

Signed-off-by: Olivier Lamy <[email protected]>
jenkinsci · Oct 10, 2024 · df6e4dd · df6e4dd
1 parent 74ad0ec
commit df6e4dd
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java b/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java
@@ -320,9 +320,15 @@ protected Object readResolve() throws ObjectStreamException {
         this.setTokenFieldToCheckKey(this.tokenFieldToCheckKey);
         // ensure escapeHatchSecret is encrypted
         this.setEscapeHatchSecret(this.escapeHatchSecret);
+
+        // validate this option in FIPS env or not
         try {
-            // validate this option in FIPS env or not
             this.setEscapeHatchEnabled(this.escapeHatchEnabled);
+        } catch (FormException e) {
+            throw new IllegalArgumentException(e);
+        }
+
+        try {
             if (automanualconfigure != null) {
                 if ("auto".equals(automanualconfigure)) {
                     OicServerWellKnownConfiguration conf =