You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jspwiki.apache.org by "Hai-Chen Tu (JIRA)" <ji...@apache.org> on 2008/07/08 04:14:31 UTC

[jira] Created: (JSPWIKI-311) Cannot save user profile in container managed authentication mode

Cannot save user profile in container managed authentication mode
-----------------------------------------------------------------

                 Key: JSPWIKI-311
                 URL: https://issues.apache.org/jira/browse/JSPWIKI-311
             Project: JSPWiki
          Issue Type: Bug
          Components: Authentication&Authorization
    Affects Versions: 2.6.3
            Reporter: Hai-Chen Tu
            Priority: Trivial


I use an NTLM servlet filter for authentication. I didn't uncomment container-managed section in web.xml. Instead,
I subclass WebContainerAuthorizer to disable web.xml processing. This gives me a very simple container-managed
authentication/authroization environment. 

User profile now has only two editable fields: Name and Email Address. However, save profile failed
because in this unique combination, both password and existingPassword are null.
 
In file com.ecyrd.jspwiki.auth.user.JDBCUserDatabase.save(...), line 598
      if ( !password.equals( existingPassword ) )
will result exception because password is null.

possible solution: (1) check password is null or not at line 598, or (2) if password is null, make it an empty string before line 598.
I don't know if (1) or (2) will cause any side impact or not.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (JSPWIKI-311) Cannot save user profile in container managed authentication mode

Posted by "Hai-Chen Tu (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/JSPWIKI-311?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12611432#action_12611432 ] 

Hai-Chen Tu commented on JSPWIKI-311:
-------------------------------------

Forgot to mention that the reason I use user database is to allow users to save
their full names. 

> Cannot save user profile in container managed authentication mode
> -----------------------------------------------------------------
>
>                 Key: JSPWIKI-311
>                 URL: https://issues.apache.org/jira/browse/JSPWIKI-311
>             Project: JSPWiki
>          Issue Type: Bug
>          Components: Authentication&Authorization
>    Affects Versions: 2.6.3
>            Reporter: Hai-Chen Tu
>            Priority: Trivial
>
> I use an NTLM servlet filter for authentication. I didn't uncomment container-managed section in web.xml. Instead,
> I subclass WebContainerAuthorizer to disable web.xml processing. This gives me a very simple container-managed
> authentication/authroization environment. 
> User profile now has only two editable fields: Name and Email Address. However, save profile failed
> because in this unique combination, both password and existingPassword are null.
>  
> In file com.ecyrd.jspwiki.auth.user.JDBCUserDatabase.save(...), line 598
>       if ( !password.equals( existingPassword ) )
> will result exception because password is null.
> possible solution: (1) check password is null or not at line 598, or (2) if password is null, make it an empty string before line 598.
> I don't know if (1) or (2) will cause any side impact or not.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.