portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject svn commit: r1646912 - /portals/jetspeed-2/portal/branches/JETSPEED-BRANCH-2.2.2-POST-RELEASE/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java
Date Sat, 20 Dec 2014 01:37:48 GMT
Author: taylor
Date: Sat Dec 20 01:37:47 2014
New Revision: 1646912

URL: http://svn.apache.org/r1646912
Log:
JS2-1308: Disabled user is never checked and new users can logon. patch from Martin Maidhof.

Modified:
    portals/jetspeed-2/portal/branches/JETSPEED-BRANCH-2.2.2-POST-RELEASE/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java

Modified: portals/jetspeed-2/portal/branches/JETSPEED-BRANCH-2.2.2-POST-RELEASE/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-BRANCH-2.2.2-POST-RELEASE/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java?rev=1646912&r1=1646911&r2=1646912&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-BRANCH-2.2.2-POST-RELEASE/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java
(original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-BRANCH-2.2.2-POST-RELEASE/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java
Sat Dec 20 01:37:47 2014
@@ -88,14 +88,14 @@ public class UserPasswordCredentialManag
                 {
                     upcsm.storePasswordCredential(credential);
                 }
-                if (!credential.isEnabled() || credential.isExpired())
-                {
-                    throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.USER,
userName));
-                }
-                else if (credential.getAuthenticationFailures() != 0)
-                {
-                    throw new SecurityException(SecurityException.INVALID_PASSWORD);
-                }
+            }
+            if (!credential.isEnabled() || credential.isExpired())
+            {
+                throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.USER,
userName));
+            }
+            else if (credential.getAuthenticationFailures() != 0)
+            {
+                throw new SecurityException(SecurityException.INVALID_PASSWORD);
             }
         }
         else



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message