You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-dev@james.apache.org by no...@apache.org on 2010/10/29 12:55:01 UTC

svn commit: r1028682 - /james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java

Author: norman
Date: Fri Oct 29 10:55:01 2010
New Revision: 1028682

URL: http://svn.apache.org/viewvc?rev=1028682&view=rev
Log:
Ignore case on sender verification (PROTOCOLS-6 and JAMES-837)

Modified:
    james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java

Modified: james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java
URL: http://svn.apache.org/viewvc/james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java?rev=1028682&r1=1028681&r2=1028682&view=diff
==============================================================================
--- james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java (original)
+++ james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java Fri Oct 29 10:55:01 2010
@@ -51,8 +51,12 @@ public abstract class AbstractSenderAuth
                     username = senderAddress.getLocalPart();
                 }
             }
+            
+            // Check if the sender address is the same as the user which was used to authenticate.
+            // Its important to ignore case here to fix JAMES-837. This is save todo because if the handler is called
+            // the user was already authenticated
             if ((senderAddress == null)
-                    || (!authUser.equals(username))
+                    || (!authUser.equalsIgnoreCase(username))
                     || (!isLocalDomain(senderAddress.getDomain()))) {
                 return new HookResult(HookReturnCode.DENY, 
                         SMTPRetCode.BAD_SEQUENCE,



---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org