geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ke...@apache.org
Subject svn commit: r565840 - in /geronimo/server/trunk: modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/ modules/geronimo-jmx-remoting/src/test/java/org/apache/geronimo/jmxremoting/ modules/geronimo-security/src/main/j...
Date Tue, 14 Aug 2007 17:12:54 GMT
Author: kevan
Date: Tue Aug 14 10:12:53 2007
New Revision: 565840

URL: http://svn.apache.org/viewvc?view=rev&rev=565840
Log:
GERONIMO-3407 Try this one more time... Insure that we don't unintentionally cause a login
to succeed. Correct login logic in some test cases

Modified:
    geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/CallerIdentityPasswordCredentialLoginModule.java
    geronimo/server/trunk/modules/geronimo-jmx-remoting/src/test/java/org/apache/geronimo/jmxremoting/AuthenticatorTest.java
    geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jaas/UPCredentialLoginModule.java
    geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestLoginModule.java

Modified: geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/CallerIdentityPasswordCredentialLoginModule.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/CallerIdentityPasswordCredentialLoginModule.java?view=diff&rev=565840&r1=565839&r2=565840
==============================================================================
--- geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/CallerIdentityPasswordCredentialLoginModule.java
(original)
+++ geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/CallerIdentityPasswordCredentialLoginModule.java
Tue Aug 14 10:12:53 2007
@@ -81,10 +81,13 @@
         resourcePrincipalName = ((NameCallback) callbacks[0]).getName();
         userName = ((NameCallback) callbacks[0]).getName();
         password = ((PasswordCallback) callbacks[1]).getPassword();
-        return resourcePrincipalName != null && userName != null && password
!= null;
+        return false;
     }
 
     public boolean commit() throws LoginException {
+        if (resourcePrincipalName == null || userName == null || password == null) {
+            return false;
+        }
         subject.getPrincipals().add(new ResourcePrincipal(resourcePrincipalName));
         PasswordCredential passwordCredential = new PasswordCredential(userName, password);
         passwordCredential.setManagedConnectionFactory(managedConnectionFactory);

Modified: geronimo/server/trunk/modules/geronimo-jmx-remoting/src/test/java/org/apache/geronimo/jmxremoting/AuthenticatorTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-jmx-remoting/src/test/java/org/apache/geronimo/jmxremoting/AuthenticatorTest.java?view=diff&rev=565840&r1=565839&r2=565840
==============================================================================
--- geronimo/server/trunk/modules/geronimo-jmx-remoting/src/test/java/org/apache/geronimo/jmxremoting/AuthenticatorTest.java
(original)
+++ geronimo/server/trunk/modules/geronimo-jmx-remoting/src/test/java/org/apache/geronimo/jmxremoting/AuthenticatorTest.java
Tue Aug 14 10:12:53 2007
@@ -112,7 +112,10 @@
                 if (password == null) {
                     throw new FailedLoginException();
                 }
-                return password.equals(new String(passwordCallback.getPassword()));
+                if (password.equals(new String(passwordCallback.getPassword()))) {
+                    return true;
+                }
+                throw new FailedLoginException();
             } catch (java.io.IOException e) {
                 throw new FailedLoginException();
             } catch (UnsupportedCallbackException e) {

Modified: geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jaas/UPCredentialLoginModule.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jaas/UPCredentialLoginModule.java?view=diff&rev=565840&r1=565839&r2=565840
==============================================================================
--- geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jaas/UPCredentialLoginModule.java
(original)
+++ geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jaas/UPCredentialLoginModule.java
Tue Aug 14 10:12:53 2007
@@ -72,7 +72,7 @@
         String username = ((NameCallback) callbacks[0]).getName();
         char[] password = ((PasswordCallback) callbacks[1]).getPassword();
 
-        if (username == null || password == null) return true;
+        if (username == null || password == null) return false;
 
         upCredential = new UsernamePasswordCredential(username, password);
 

Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestLoginModule.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestLoginModule.java?view=diff&rev=565840&r1=565839&r2=565840
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestLoginModule.java
(original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestLoginModule.java
Tue Aug 14 10:12:53 2007
@@ -69,7 +69,10 @@
         }
         user = ((NameCallback)callbacks[0]).getName();
         String password = new String(((PasswordCallback)callbacks[1]).getPassword());
-        return user.equals(password) && users.contains(user);
+        if (user.equals(password) && users.contains(user)) {
+            return true;
+        }
+        throw new LoginException();
     }
 
     public boolean commit() throws LoginException {



Mime
View raw message