diff --git a/seatunnel-server/seatunnel-app/src/main/resources/org/apache/seatunnel/app/dal/mapper/UserMapper.xml b/seatunnel-server/seatunnel-app/src/main/resources/org/apache/seatunnel/app/dal/mapper/UserMapper.xml
index f4e8abcb8..049aec328 100644
--- a/seatunnel-server/seatunnel-app/src/main/resources/org/apache/seatunnel/app/dal/mapper/UserMapper.xml
+++ b/seatunnel-server/seatunnel-app/src/main/resources/org/apache/seatunnel/app/dal/mapper/UserMapper.xml
@@ -96,7 +96,7 @@
select
from `user`
- where username = #{username,jdbcType=VARCHAR} and password = #{password,jdbcType=VARCHAR} and auth_provider = #{authProvider,jdbcType=VARCHAR}
+ where status = 0 and username = #{username,jdbcType=VARCHAR} and password = #{password,jdbcType=VARCHAR} and auth_provider = #{authProvider,jdbcType=VARCHAR}
select
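Review bot: The `status = 0` condition added to the where clause only gates this username/password lookup, so an account disabled after login would keep any token or session it already holds unless the token-validation path also checks status. That path is not visible in this diff and should be confirmed. The query is also keyed on `auth_provider`, so any provider that authenticates without going through this statement needs the same status check. The literal `0` is unexplained here; the test in this commit disables a user with status 1, so a comment such as `<!-- status 0 = enabled; disabled users must not authenticate -->` above the statement would document it. The statement's opening and closing tags are outside the visible lines.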
diff --git a/seatunnel-server/seatunnel-server-common/src/main/java/org/apache/seatunnel/server/common/SeatunnelErrorEnum.java b/seatunnel-server/seatunnel-server-common/src/main/java/org/apache/seatunnel/server/common/SeatunnelErrorEnum.java
index 29c772ac7..56c89da33 100644
--- a/seatunnel-server/seatunnel-server-common/src/main/java/org/apache/seatunnel/server/common/SeatunnelErrorEnum.java
+++ b/seatunnel-server/seatunnel-server-common/src/main/java/org/apache/seatunnel/server/common/SeatunnelErrorEnum.java
@@ -32,8 +32,8 @@ public enum SeatunnelErrorEnum {
USERNAME_PASSWORD_NO_MATCHED(
10007,
- "username and password no matched",
- "The user name and password do not match, please check your input"),
+ "username and password not matched or user is disabled.",
+ "The user name and password do not match or user is disabled, please check your input"),
TOKEN_ILLEGAL(10008, "token illegal", "The token is expired or invalid, please login again."),
INVALID_AUTHENTICATION_PROVIDER(
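Review bot: The new short message for `USERNAME_PASSWORD_NO_MATCHED` ends with a period, while the neighbouring `TOKEN_ILLEGAL` short message `"token illegal"` does not; for consistency it should read `"username and password not matched or user is disabled",`. Sharing one code and one message between wrong credentials and a disabled account keeps the login response from revealing which condition failed, and that is worth preserving. If operators need to tell the two cases apart, the distinction belongs in a server-side log entry rather than in the response. The enum body continues outside the hunk.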
diff --git a/seatunnel-web-it/src/test/java/org/apache/seatunnel/app/test/UserControllerTest.java b/seatunnel-web-it/src/test/java/org/apache/seatunnel/app/test/UserControllerTest.java
index 76c28b372..77363cc0a 100644
--- a/seatunnel-web-it/src/test/java/org/apache/seatunnel/app/test/UserControllerTest.java
+++ b/seatunnel-web-it/src/test/java/org/apache/seatunnel/app/test/UserControllerTest.java
@@ -24,6 +24,7 @@
import org.apache.seatunnel.app.domain.request.user.UserLoginReq;
import org.apache.seatunnel.app.domain.response.user.AddUserRes;
import org.apache.seatunnel.app.domain.response.user.UserSimpleInfoRes;
+import org.apache.seatunnel.server.common.SeatunnelErrorEnum;
import org.junit.jupiter.api.AfterAll;
import org.junit.jupiter.api.BeforeAll;
@@ -32,6 +33,7 @@
import java.util.function.Supplier;
import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertTrue;
@@ -147,6 +149,36 @@ public void login_shouldFail_whenInvalidAuthType() {
assertEquals("Invalid authentication provider [INVALID_AUTH_TYPE]", loginResult.getMsg());
}
+ @Test
+ public void disabledUser_shouldNotBeAbleToLogin() {
+ String user = "disabledUser" + uniqueId.get();
+ String pass = "pass7";
+ AddUserReq addUserReq = getAddUserReq(user, pass);
+ Result result = userControllerWrapper.addUser(addUserReq);
+ assertTrue(result.isSuccess());
+
+ // Disable the user
+ UpdateUserReq updateUserReq = new UpdateUserReq();
+ updateUserReq.setUsername(user);
+ updateUserReq.setUserId(result.getData().getId());
+ updateUserReq.setPassword(pass);
+ updateUserReq.setStatus((byte) 1);
+ updateUserReq.setType((byte) 0);
+ Result disableUserResult =
+ userControllerWrapper.updateUser(
+ Long.toString(result.getData().getId()), updateUserReq);
+ assertTrue(disableUserResult.isSuccess());
+
+ // Attempt to login with the disabled user
+ UserLoginReq loginReq = new UserLoginReq();
+ loginReq.setUsername(user);
+ loginReq.setPassword(pass);
+ Result loginResult = userControllerWrapper.login(loginReq);
+ assertFalse(loginResult.isSuccess());
+ assertEquals(
+ SeatunnelErrorEnum.USERNAME_PASSWORD_NO_MATCHED.getCode(), loginResult.getCode());
+ }
+
@AfterAll
public static void tearDown() {
Result logout = userControllerWrapper.logout();
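Review bot: `disabledUser_shouldNotBeAbleToLogin` cannot attribute the failed login to the status change, because `USERNAME_PASSWORD_NO_MATCHED` is also the code for a wrong password and the update request re-sends the password via `setPassword(pass)`. Building `loginReq` before the update and asserting a control login first, `assertTrue(userControllerWrapper.login(loginReq).isSuccess());`, would pin the later failure on the disable step, provided the wrapper's session handling allows an extra login here. The status value `(byte) 1` would read better as a named constant or with the comment `// 1 = disabled, 0 = enabled`. The test covers only a fresh login; a token obtained before the account is disabled is not exercised.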