Posted to commits@isis.apache.org by ah...@apache.org on 2019/08/02 07:40:25 UTC
[isis] branch v2 updated: ISIS-2157 adds a FIXME[2157] marker to the problematic code
This is an automated email from the ASF dual-hosted git repository.
ahuber pushed a commit to branch v2
in repository https://gitbox.apache.org/repos/asf/isis.git
The following commit(s) were added to refs/heads/v2 by this push:
new bd01726 ISIS-2157 adds a FIXME[2157] marker to the problematic code
bd01726 is described below
commit bd017263d034d2bbe7145855a320a9172ec10685
Author: Andi Huber <ah...@apache.org>
AuthorDate: Fri Aug 2 09:40:09 2019 +0200
ISIS-2157 adds a FIXME[2157] marker to the problematic code
---
.../secman/shiro/IsisModuleSecurityRealm.java | 20 ++++++++------------
1 file changed, 8 insertions(+), 12 deletions(-)
diff --git a/extensions/secman/realm-shiro/src/main/java/org/apache/isis/extensions/secman/shiro/IsisModuleSecurityRealm.java b/extensions/secman/realm-shiro/src/main/java/org/apache/isis/extensions/secman/shiro/IsisModuleSecurityRealm.java
index cd8b653..c7179b6 100644
--- a/extensions/secman/realm-shiro/src/main/java/org/apache/isis/extensions/secman/shiro/IsisModuleSecurityRealm.java
+++ b/extensions/secman/realm-shiro/src/main/java/org/apache/isis/extensions/secman/shiro/IsisModuleSecurityRealm.java
@@ -61,7 +61,7 @@ public class IsisModuleSecurityRealm extends AuthorizingRealm implements Securit
/**
* In order to provide an attacker with additional information, the exceptions thrown here deliberately have
- * few (or no) details in their exception message. Similarly, the generic
+ * few (or no) details in their exception message. Similarly, the generic
* {@link org.apache.shiro.authc.CredentialsException} is thrown for both a non-existent user and also an
* invalid password.
*/
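Review bot: The first Javadoc sentence, "In order to provide an attacker with additional information", says the opposite of what the rest of the comment describes (exceptions with few or no details, and one generic CredentialsException for both a non-existent user and an invalid password). The line below it is already being touched for whitespace only, so this is a good place to correct the wording to "In order not to provide an attacker with additional information".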
@@ -76,10 +76,8 @@ public class IsisModuleSecurityRealm extends AuthorizingRealm implements Securit
val username = usernamePasswordToken.getUsername();
val password = usernamePasswordToken.getPassword();
- // lookup from database, for roles/perms, but also
- // determine how to authenticate (delegate or local), whether disabled
- val autoCreateUser = hasDelegateAuthenticationRealm() && getAutoCreateUser();
- val principal = lookupPrincipal(username, autoCreateUser);
+ // lookup from database, for roles/perms
+ val principal = lookupPrincipal(username);
if (principal == null) {
// if no delegate authentication
throw new CredentialsException("Unknown user/password combination");
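Review bot: At `val principal = lookupPrincipal(username);` the new comment says only "lookup from database, for roles/perms", yet according to the FIXME added in the next hunk this call can still auto-create the user, and in the lines shown it runs before the password is checked. Please say so at the call site, or name the method for what it does, so it is not read as a side-effect-free lookup. The retained comment "// if no delegate authentication" under `principal == null` has also lost the `autoCreateUser` line that gave it context and should be reworded or moved along with that logic.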
@@ -130,13 +128,11 @@ public class IsisModuleSecurityRealm extends AuthorizingRealm implements Securit
return urp;
}
- /**
- * @param username
- * @param autoCreateUser
- */
- private PrincipalForApplicationUser lookupPrincipal(
- final String username,
- final boolean autoCreateUser) {
+ private PrincipalForApplicationUser lookupPrincipal(final String username) {
+
+ //FIXME[2157] do not auto-create if user cannot authenticate
+ // determine how to authenticate (delegate or local), whether disabled
+ val autoCreateUser = hasDelegateAuthenticationRealm() && getAutoCreateUser();
return execute(new Supplier<PrincipalForApplicationUser>() {
@Override
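Review bot: The FIXME at the top of `lookupPrincipal` records the problem but leaves the behaviour unchanged: `autoCreateUser` is still computed as `hasDelegateAuthenticationRealm() && getAutoCreateUser()` with no input telling the method whether the user has authenticated, which is the case the FIXME says must not lead to auto-creation. Consider stating in the FIXME what the intended fix is, for example having the caller pass in whether delegate authentication succeeded, or creating the user only after that point. On style, `//FIXME[2157]` lacks the space after `//` that the other comments use, and the moved line "determine how to authenticate (delegate or local), whether disabled" now reads as a continuation of the FIXME although it was a separate comment before; a blank line or rewording would keep the two apart. The removed Javadoc was empty, so dropping it is fine.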