You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@turbine.apache.org by gk...@apache.org on 2017/01/26 09:06:05 UTC
svn commit: r1780341 -
/turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LoginUser.java
Author: gk
Date: Thu Jan 26 09:06:05 2017
New Revision: 1780341
URL: http://svn.apache.org/viewvc?rev=1780341&view=rev
Log:
- no anon user login by default
Modified:
turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LoginUser.java
Modified: turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LoginUser.java
URL: http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LoginUser.java?rev=1780341&r1=1780340&r2=1780341&view=diff
==============================================================================
--- turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LoginUser.java (original)
+++ turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LoginUser.java Thu Jan 26 09:06:05 2017
@@ -32,6 +32,7 @@ import org.apache.turbine.om.security.Us
import org.apache.turbine.pipeline.PipelineData;
import org.apache.turbine.services.security.SecurityService;
import org.apache.turbine.util.RunData;
+import org.apache.turbine.util.TurbineException;
/**
* This is where we authenticate the user logging into the system
@@ -96,6 +97,11 @@ public class LoginUser
try
{
+ if (username.equals(security.getAnonymousUser().getName()))
+ {
+ throw new TurbineException("Anonymous user cannot login");
+ }
+
// Authenticate the user and get the object.
User user = security.getAuthenticatedUser(username, password);