You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by ra...@apache.org on 2019/01/09 17:26:06 UTC
[tomee] 18/48: TOMEE-2365 - Properly override validate method on
default Identity Store.
This is an automated email from the ASF dual-hosted git repository.
radcortez pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 627224f89078b0e1adad09864ca3b471f534e8e0
Author: Roberto Cortez <ra...@yahoo.com>
AuthorDate: Wed Dec 26 16:15:36 2018 +0000
TOMEE-2365 - Properly override validate method on default Identity Store.
---
.../identitystore/TomEEDefaultIdentityStore.java | 17 ++++++++++++-----
1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore/TomEEDefaultIdentityStore.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore/TomEEDefaultIdentityStore.java
index a687ae1..48caa07 100644
--- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore/TomEEDefaultIdentityStore.java
+++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore/TomEEDefaultIdentityStore.java
@@ -25,6 +25,7 @@ import org.apache.tomee.loader.TomcatHelper;
import javax.annotation.PostConstruct;
import javax.enterprise.context.ApplicationScoped;
+import javax.security.enterprise.credential.Credential;
import javax.security.enterprise.credential.UsernamePasswordCredential;
import javax.security.enterprise.identitystore.CredentialValidationResult;
import javax.security.enterprise.identitystore.IdentityStore;
@@ -44,11 +45,17 @@ public class TomEEDefaultIdentityStore implements IdentityStore {
userDatabase = (UserDatabase) server.getGlobalNamingContext().lookup(userDataBaseResource.getName());
}
- public CredentialValidationResult validate(final UsernamePasswordCredential credential) {
- return Optional.ofNullable(userDatabase.findUser(credential.getCaller()))
- .filter(user -> user.getPassword().equals(credential.getPasswordAsString()))
- .map(user -> new CredentialValidationResult(user.getUsername(), getUserRoles(user)))
- .orElse(CredentialValidationResult.INVALID_RESULT);
+ @Override
+ public CredentialValidationResult validate(final Credential credential) {
+ if (credential instanceof UsernamePasswordCredential) {
+ final UsernamePasswordCredential usernamePasswordCredential = (UsernamePasswordCredential) credential;
+ return Optional.ofNullable(userDatabase.findUser(usernamePasswordCredential.getCaller()))
+ .filter(user -> user.getPassword().equals(usernamePasswordCredential.getPasswordAsString()))
+ .map(user -> new CredentialValidationResult(user.getUsername(), getUserRoles(user)))
+ .orElse(CredentialValidationResult.INVALID_RESULT);
+ }
+
+ return CredentialValidationResult.NOT_VALIDATED_RESULT;
}
@Override