portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject svn commit: r1646910 - /portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java
Date Sat, 20 Dec 2014 01:35:24 GMT
Author: taylor
Date: Sat Dec 20 01:35:23 2014
New Revision: 1646910

URL: http://svn.apache.org/r1646910
Log:
JS2-1308: Disabled user is never checked and new users can logon. patch from Martin Maidhof.

Modified:
    portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java?rev=1646910&r1=1646909&r2=1646910&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java
(original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java
Sat Dec 20 01:35:23 2014
@@ -88,14 +88,14 @@ public class UserPasswordCredentialManag
                 {
                     upcsm.storePasswordCredential(credential);
                 }
-                if (!credential.isEnabled() || credential.isExpired())
-                {
-                    throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.USER,
userName));
-                }
-                else if (credential.getAuthenticationFailures() != 0)
-                {
-                    throw new SecurityException(SecurityException.INVALID_PASSWORD);
-                }
+            }
+            if (!credential.isEnabled() || credential.isExpired())
+            {
+                throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.USER,
userName));
+            }
+            else if (credential.getAuthenticationFailures() != 0)
+            {
+                throw new SecurityException(SecurityException.INVALID_PASSWORD);
             }
         }
         else



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message