You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by at...@apache.org on 2004/12/04 22:08:18 UTC
cvs commit: jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl DefaultCredentialHandler.java InternalPasswordCredentialStateHandlingInterceptor.java
ate 2004/12/04 13:08:18
Modified: components/security/src/java/org/apache/jetspeed/security/spi/impl
DefaultCredentialHandler.java
InternalPasswordCredentialStateHandlingInterceptor.java
Log:
Fix to support setting update required to false, even if a user hasn't authenticated yet by also setting PreviousAuthenticationDate.
Relies on InternalPasswordCredentialStateHandlingInterceptor.afterLoad to evaluate
both PreviousAuthenticationDate and LastAuthenticationDate == null to determine if updateRequired has to be true.
Revision Changes Path
1.12 +8 -1 jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java
Index: DefaultCredentialHandler.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- DefaultCredentialHandler.java 25 Nov 2004 02:25:57 -0000 1.11
+++ DefaultCredentialHandler.java 4 Dec 2004 21:08:18 -0000 1.12
@@ -257,7 +257,14 @@
if ( credential != null && !credential.isExpired() && credential.isUpdateRequired() != updateRequired )
{
credential.setUpdateRequired(updateRequired);
- internalUser.setModifiedDate(new Timestamp(new Date().getTime()));
+ long time = new Date().getTime();
+ credential.setModifiedDate(new Timestamp(time));
+ // temporary hack for now to support setting passwordUpdateRequired = false
+ // for users never authenticated yet.
+ // The current InternalPasswordCredentialStateHandlingInterceptor.afterLoad()
+ // logic will only set it (back) to true if both prev and last auth. date is null
+ credential.setPreviousAuthenticationDate(new Timestamp(time));
+ internalUser.setModifiedDate(new Timestamp(time));
securityAccess.setInternalUserPrincipal(internalUser, false);
}
}
1.5 +4 -2 jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/InternalPasswordCredentialStateHandlingInterceptor.java
Index: InternalPasswordCredentialStateHandlingInterceptor.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/InternalPasswordCredentialStateHandlingInterceptor.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- InternalPasswordCredentialStateHandlingInterceptor.java 25 Nov 2004 02:25:57 -0000 1.4
+++ InternalPasswordCredentialStateHandlingInterceptor.java 4 Dec 2004 21:08:18 -0000 1.5
@@ -84,7 +84,9 @@
credential.setExpirationDate(new Date(new java.util.Date().getTime()+maxLifeSpanInMillis));
update = true;
}
- if ( !credential.isUpdateRequired() && credential.getLastAuthenticationDate() == null )
+ if ( !credential.isUpdateRequired() &&
+ credential.getLastAuthenticationDate() == null &&
+ credential.getPreviousAuthenticationDate() == null )
{
credential.setUpdateRequired(true);
update = true;
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org