You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by al...@apache.org on 2015/05/27 16:23:46 UTC
svn commit: r1682042 -
/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
Author: alexparvulescu
Date: Wed May 27 14:23:45 2015
New Revision: 1682042
URL: http://svn.apache.org/r1682042
Log:
OAK-2913 TokenLoginModule should clear state in case of a login exception
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java?rev=1682042&r1=1682041&r2=1682042&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java Wed May 27 14:23:45 2015
@@ -155,36 +155,38 @@ public final class TokenLoginModule exte
updateSubject(tokenCredentials, getAuthInfo(tokenInfo), principals);
return true;
}
-
- if (tokenProvider != null && sharedState.containsKey(SHARED_KEY_CREDENTIALS)) {
- Credentials shared = getSharedCredentials();
- if (shared != null && tokenProvider.doCreateToken(shared)) {
- Root r = getRoot();
- if (r != null) {
- r.refresh(); // refresh root, in case the external login module created users
- }
- TokenInfo ti = tokenProvider.createToken(shared);
- if (ti != null) {
- TokenCredentials tc = new TokenCredentials(ti.getToken());
- Map<String, String> attributes = ti.getPrivateAttributes();
- for (String name : attributes.keySet()) {
- tc.setAttribute(name, attributes.get(name));
+ try{
+ if (tokenProvider != null && sharedState.containsKey(SHARED_KEY_CREDENTIALS)) {
+ Credentials shared = getSharedCredentials();
+ if (shared != null && tokenProvider.doCreateToken(shared)) {
+ Root r = getRoot();
+ if (r != null) {
+ r.refresh(); // refresh root, in case the external login module created users
}
- attributes = ti.getPublicAttributes();
- for (String name : attributes.keySet()) {
- tc.setAttribute(name, attributes.get(name));
+ TokenInfo ti = tokenProvider.createToken(shared);
+ if (ti != null) {
+ TokenCredentials tc = new TokenCredentials(ti.getToken());
+ Map<String, String> attributes = ti.getPrivateAttributes();
+ for (String name : attributes.keySet()) {
+ tc.setAttribute(name, attributes.get(name));
+ }
+ attributes = ti.getPublicAttributes();
+ for (String name : attributes.keySet()) {
+ tc.setAttribute(name, attributes.get(name));
+ }
+ sharedState.put(SHARED_KEY_ATTRIBUTES, attributes);
+ updateSubject(tc, null, null);
+ } else {
+ // failed to create token -> fail commit()
+ log.debug("TokenProvider failed to create a login token for user " + userId);
+ throw new LoginException("Failed to create login token for user " + userId);
}
- sharedState.put(SHARED_KEY_ATTRIBUTES, attributes);
- updateSubject(tc, null, null);
- } else {
- // failed to create token -> fail commit()
- log.debug("TokenProvider failed to create a login token for user " + userId);
- throw new LoginException("Failed to create login token for user " + userId);
}
}
+ } finally {
+ // the login attempt on this module did not succeed: clear state
+ clearState();
}
- // the login attempt on this module did not succeed: clear state
- clearState();
return false;
}