You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2015/07/07 19:31:49 UTC

svn commit: r1689715 - /portals/jetspeed-2/portal/tags/JETSPEED-RELEASE-2.2.2/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java

Author: taylor
Date: Tue Jul  7 17:31:49 2015
New Revision: 1689715

URL: http://svn.apache.org/r1689715
Log:
JS2-1330: fixing bug in Password Credential Policy. 

Modified:
    portals/jetspeed-2/portal/tags/JETSPEED-RELEASE-2.2.2/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java

Modified: portals/jetspeed-2/portal/tags/JETSPEED-RELEASE-2.2.2/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/tags/JETSPEED-RELEASE-2.2.2/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java?rev=1689715&r1=1689714&r2=1689715&view=diff
==============================================================================
--- portals/jetspeed-2/portal/tags/JETSPEED-RELEASE-2.2.2/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java (original)
+++ portals/jetspeed-2/portal/tags/JETSPEED-RELEASE-2.2.2/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java Tue Jul  7 17:31:49 2015
@@ -106,6 +106,7 @@ public class UserPasswordCredentialPolic
             }
         }
         boolean update = false;
+        boolean failuresUpdated = false;
 
         for (PasswordCredentialInterceptor pci : interceptors)
         {
@@ -113,6 +114,9 @@ public class UserPasswordCredentialPolic
             {
                 update = true;
             }
+            if (pci instanceof MaxPasswordAuthenticationFailuresInterceptor) {
+                failuresUpdated = true;
+            }
         }
         if (update && (!credential.isEnabled() || credential.isExpired()))
         {
@@ -133,7 +137,9 @@ public class UserPasswordCredentialPolic
         }
         else
         {
-            credential.setAuthenticationFailures(credential.getAuthenticationFailures()+1);
+            if (!failuresUpdated) {
+                credential.setAuthenticationFailures(credential.getAuthenticationFailures()+1);
+            }
         }
         
         return update;



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org