You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@syncope.apache.org by "Guido Wimmel (JIRA)" <ji...@apache.org> on 2015/03/09 13:26:38 UTC

[jira] [Created] (SYNCOPE-651) SyncopeUser:checkToken() should fail if token is not set on user

Guido Wimmel created SYNCOPE-651:
------------------------------------

             Summary: SyncopeUser:checkToken() should fail if token is not set on user
                 Key: SYNCOPE-651
                 URL: https://issues.apache.org/jira/browse/SYNCOPE-651
             Project: Syncope
          Issue Type: Improvement
          Components: core
    Affects Versions: 1.2.2, 1.1.8
            Reporter: Guido Wimmel
            Priority: Minor
             Fix For: 1.1.9, 1.2.3, 2.0.0


Currently, SyncopeUser:checkToken(String token) always returns true if user.token==null (i.e., the token attribute is not set). This is counterintuitive if the token parameter is not null (as the token passed as a parameter is obviously not valid).

To make workflow implementations more robust, SyncopeUser:checkToken(String token) should return false if the token parameter is not null and user.token is null.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)