You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by am...@apache.org on 2004/11/23 03:15:11 UTC
svn commit: r106262 - /geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java /geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java
Author: ammulder
Date: Mon Nov 22 18:15:10 2004
New Revision: 106262
Modified:
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java
Log:
Handle empty username better / consistently. GERONIMO-421
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java?view=diff&rev=106262&p1=geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java&r1=106261&p2=geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java&r2=106262
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java Mon Nov 22 18:15:10 2004
@@ -126,8 +126,11 @@
} catch (UnsupportedCallbackException uce) {
throw (LoginException) new LoginException().initCause(uce);
}
+ assert callbacks.length == 2;
username = ((NameCallback) callbacks[0]).getName();
- assert username != null;
+ if(username == null || username.equals("")) {
+ return false;
+ }
password = users.getProperty(username);
return new String(((PasswordCallback) callbacks[1]).getPassword()).equals(password);
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java?view=diff&rev=106262&p1=geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java&r1=106261&p2=geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java&r2=106262
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java Mon Nov 22 18:15:10 2004
@@ -89,7 +89,11 @@
} catch (UnsupportedCallbackException uce) {
throw (LoginException) new LoginException().initCause(uce);
}
+ assert callbacks.length == 2;
cbUsername = ((NameCallback) callbacks[0]).getName();
+ if(cbUsername == null || cbUsername.equals("")) {
+ return false;
+ }
cbPassword = new String(((PasswordCallback) callbacks[1]).getPassword());
boolean found = false;