You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@syncope.apache.org by "Guido Wimmel (JIRA)" <ji...@apache.org> on 2015/03/09 13:26:38 UTC
[jira] [Created] (SYNCOPE-651) SyncopeUser:checkToken() should fail
if token is not set on user
Guido Wimmel created SYNCOPE-651:
------------------------------------
Summary: SyncopeUser:checkToken() should fail if token is not set on user
Key: SYNCOPE-651
URL: https://issues.apache.org/jira/browse/SYNCOPE-651
Project: Syncope
Issue Type: Improvement
Components: core
Affects Versions: 1.2.2, 1.1.8
Reporter: Guido Wimmel
Priority: Minor
Fix For: 1.1.9, 1.2.3, 2.0.0
Currently, SyncopeUser:checkToken(String token) always returns true if user.token==null (i.e., the token attribute is not set). This is counterintuitive if the token parameter is not null (as the token passed as a parameter is obviously not valid).
To make workflow implementations more robust, SyncopeUser:checkToken(String token) should return false if the token parameter is not null and user.token is null.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)