You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by co...@apache.org on 2019/01/15 11:00:44 UTC
directory-kerby git commit: Fixing the logic in the LoginModules
Repository: directory-kerby
Updated Branches:
refs/heads/trunk 1d61c68f5 -> 2f20a0cf5
Fixing the logic in the LoginModules
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/2f20a0cf
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/2f20a0cf
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/2f20a0cf
Branch: refs/heads/trunk
Commit: 2f20a0cf5dbb8a85486aa6f425201b8442b67d26
Parents: 1d61c68
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Jan 15 11:00:33 2019 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Jan 15 11:00:33 2019 +0000
----------------------------------------------------------------------
.../apache/kerby/has/client/HasLoginModule.java | 17 ++++++++---------
.../kerb/client/jaas/TokenAuthLoginModule.java | 16 +++++++++-------
2 files changed, 17 insertions(+), 16 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/2f20a0cf/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasLoginModule.java
----------------------------------------------------------------------
diff --git a/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasLoginModule.java b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasLoginModule.java
index c763a5b..0c9bdb7 100644
--- a/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasLoginModule.java
+++ b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasLoginModule.java
@@ -303,7 +303,8 @@ public class HasLoginModule implements LoginModule {
}
if (useTgtTicket) {
- if (succeeded == false) {
+ if (!succeeded) {
+ cleanKerberosCred();
return false;
} else {
if (isInitiator && cred == null) {
@@ -359,16 +360,14 @@ public class HasLoginModule implements LoginModule {
public boolean abort() throws LoginException {
if (useTgtTicket) {
- if (succeeded == false) {
+ if (!succeeded) {
return false;
- } else if (succeeded == true && commitSucceeded == false) {
- // login succeeded but overall authentication failed
- succeeded = false;
- cleanKerberosCred();
- } else {
- // overall authentication succeeded and commit succeeded,
- // but someone else's commit failed
+ } else if (succeeded && commitSucceeded) {
+ // we succeeded, but another required module failed
logout();
+ } else {
+ // our commit failed
+ succeeded = false;
}
return true;
} else {
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/2f20a0cf/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/jaas/TokenAuthLoginModule.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/jaas/TokenAuthLoginModule.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/jaas/TokenAuthLoginModule.java
index b8b4c4e..0f5f730 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/jaas/TokenAuthLoginModule.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/jaas/TokenAuthLoginModule.java
@@ -135,6 +135,7 @@ public class TokenAuthLoginModule implements LoginModule {
public boolean commit() throws LoginException {
if (!succeeded) {
+ cleanup();
return false;
} else {
KerberosTicket ticket = null;
@@ -180,15 +181,14 @@ public class TokenAuthLoginModule implements LoginModule {
*/
@Override
public boolean abort() throws LoginException {
- if (succeeded == false) {
+ if (!succeeded) {
return false;
- } else if (succeeded == true && commitSucceeded == false) {
- // login succeeded but overall authentication failed
- succeeded = false;
- } else {
- // overall authentication succeeded and commit succeeded,
- // but someone else's commit failed
+ } else if (succeeded && commitSucceeded) {
+ // we succeeded, but another required module failed
logout();
+ } else {
+ // our commit failed
+ succeeded = false;
}
return true;
}
@@ -364,6 +364,8 @@ public class TokenAuthLoginModule implements LoginModule {
throw new RuntimeException("File delete error!");
}
}
+ tgtTicket = null;
+ krbToken = null;
}
private void throwWith(String error, Exception cause) throws LoginException {