You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2014/12/20 02:35:24 UTC
svn commit: r1646910 -
/portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java
Author: taylor
Date: Sat Dec 20 01:35:23 2014
New Revision: 1646910
URL: http://svn.apache.org/r1646910
Log:
JS2-1308: Disabled user is never checked and new users can logon. patch from Martin Maidhof.
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java
Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java?rev=1646910&r1=1646909&r2=1646910&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.java Sat Dec 20 01:35:23 2014
@@ -88,14 +88,14 @@ public class UserPasswordCredentialManag
{
upcsm.storePasswordCredential(credential);
}
- if (!credential.isEnabled() || credential.isExpired())
- {
- throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.USER, userName));
- }
- else if (credential.getAuthenticationFailures() != 0)
- {
- throw new SecurityException(SecurityException.INVALID_PASSWORD);
- }
+ }
+ if (!credential.isEnabled() || credential.isExpired())
+ {
+ throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.USER, userName));
+ }
+ else if (credential.getAuthenticationFailures() != 0)
+ {
+ throw new SecurityException(SecurityException.INVALID_PASSWORD);
}
}
else
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org