You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@turbine.apache.org by Leandro Rodrigo Saad Cruz <le...@ibnetwork.com.br> on 2001/03/09 15:53:36 UTC

authenticating user (hitting DB twice ??)

When we use the facade TurbineSecurity to get an authenticated user,
this task is delegated to DBUserManager which does :

public User retrieve( String username, String password )
         throws PasswordMismatchException, UnknownEntityException,
                DataBackendException
    {
        User user = retrieve(username);
        authenticate(user, password);
        return user;
    }

My point is : why does authenticate has to check if the user account

really exists if we have already done that during the call to retrieve() on

the method above ??

Sorry if I missed something. :)

-- Leandro Rodrigo Saad Cruz

InterBusiness Tecnolgia e Servicos
http://www.ibnetwork.com.br
telefone 4191-3638
Sao Paulo - SP - Brasil




---------------------------------------------------------------------
To unsubscribe, e-mail: turbine-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: turbine-dev-help@jakarta.apache.org