Return-Path: Delivered-To: apmail-jackrabbit-commits-archive@www.apache.org Received: (qmail 93360 invoked from network); 14 Apr 2010 12:12:37 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 14 Apr 2010 12:12:37 -0000 Received: (qmail 47427 invoked by uid 500); 14 Apr 2010 12:12:37 -0000 Delivered-To: apmail-jackrabbit-commits-archive@jackrabbit.apache.org Received: (qmail 47312 invoked by uid 500); 14 Apr 2010 12:12:36 -0000 Mailing-List: contact commits-help@jackrabbit.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@jackrabbit.apache.org Delivered-To: mailing list commits@jackrabbit.apache.org Received: (qmail 47298 invoked by uid 99); 14 Apr 2010 12:12:36 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 14 Apr 2010 12:12:36 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 14 Apr 2010 12:12:33 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 0989223888FE; Wed, 14 Apr 2010 12:12:11 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r933922 - in /jackrabbit/trunk/jackrabbit-core/src: main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java test/java/org/apache/jackrabbit/core/security/user/UserImplTest.java Date: Wed, 14 Apr 2010 12:12:10 -0000 To: commits@jackrabbit.apache.org 
From: angela@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20100414121211.0989223888FE@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: angela Date: Wed Apr 14 12:12:10 2010 New Revision: 933922 URL: http://svn.apache.org/viewvc?rev=933922&view=rev Log: JCR-2603: DefaultLoginModule performs anonymous login in case of unsupported Credentials implementation Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImplTest.java Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java?rev=933922&r1=933921&r2=933922&view=diff ==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java Wed Apr 14 12:12:10 2010
@@ -293,11 +293,19 @@ public abstract class AbstractLoginModul
 return false;
 }
- // check the availability of Credentials
+ // check the availability and validity of Credentials
 Credentials creds = getCredentials();
 if (creds == null) {
 log.debug("No credentials available -> try default (anonymous) authentication.");
+ } else {
+ if (supportsCredentials(creds)) {
+ sharedState.put(KEY_CREDENTIALS, credentials);
+ } else {
+ log.debug("Unsupported credentials implementation : " + creds.getClass().getName());
+ return false;
+ }
 }
+
 try {
 Principal userPrincipal = getPrincipal(creds);
 if (userPrincipal == null) {
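Review bot: In login(), the added `sharedState.put(KEY_CREDENTIALS, credentials);` stores `credentials`, not the local `creds` that `supportsCredentials(creds)` has just accepted. Nothing in this hunk assigns `credentials` before the put, and its declaration is outside the hunk, so it may not be the same object at this point. If it is not, the shared state would receive null or a stale value, and a later login module reading KEY_CREDENTIALS would get credentials this module never validated. Storing the validated object removes the doubt: `sharedState.put(KEY_CREDENTIALS, creds);`. login() begins and ends outside the hunk.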
@@ -520,7 +528,7 @@ public abstract class AbstractLoginModul * authentication-extension of an already authenticated {@link Subject} into * accout. *

- * Therefore the credentials are searchred as follows: + * Therefore the credentials are retrieved as follows: *

    *
  1. Test if the shared state contains credentials.
  2. *
  3. Ask CallbackHandler for Credentials with using a {@link
@@ -542,15 +550,7 @@ public abstract class AbstractLoginModul
 try {
 CredentialsCallback callback = new CredentialsCallback();
 callbackHandler.handle(new Callback[]{callback});
- Credentials creds = callback.getCredentials();
- if (null != creds) {
- if (supportsCredentials(creds)) {
- credentials = creds;
- }
- if (credentials != null) {
- sharedState.put(KEY_CREDENTIALS, credentials);
- }
- }
+ credentials = callback.getCredentials();
 } catch (UnsupportedCallbackException e) {
 log.warn("Credentials-Callback not supported try Name-Callback");
 } catch (IOException e) {
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImplTest.java URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImplTest.java?rev=933922&r1=933921&r2=933922&view=diff ==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImplTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImplTest.java Wed Apr 14 12:12:10 2010
@@ -27,6 +27,7 @@ import org.apache.jackrabbit.util.Text;
 import org.apache.jackrabbit.value.StringValue;
 import javax.jcr.Credentials;
+import javax.jcr.LoginException;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 import javax.jcr.SimpleCredentials;
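Review bot: With the `supportsCredentials` filter removed in the `@@ -542,15 +550,7 @@` hunk, getCredentials() returns whatever the CredentialsCallback supplies, and the only validation visible in this commit is the new check in login(). The method's Javadoc should state that contract, for example `Note: the returned Credentials are not validated; callers must check supportsCredentials(Credentials) before authenticating with them or publishing them to the shared state.` Without it, any other caller of getCredentials() (none is visible here, so this is a caution) could treat the result as already vetted and bring back the fallback described in JCR-2603. getCredentials() starts and ends outside the hunk.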
@@ -182,4 +183,19 @@ public class UserImplTest extends Abstra
 // success
 }
 }
+
+ public void testLoginWithCryptedCredentials() throws RepositoryException {
+ User u = (User) uMgr.getAuthorizable(uID);
+
+ Credentials creds = u.getCredentials();
+ assertTrue(creds instanceof CryptedSimpleCredentials);
+
+ try {
+ Session s = getHelper().getRepository().login(u.getCredentials());
+ s.logout();
+ fail("Login using CryptedSimpleCredentials must fail.");
+ } catch (LoginException e) {
+ // success
+ }
+ }
 }
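Review bot: testLoginWithCryptedCredentials pins the fix only for CryptedSimpleCredentials, while the defect named in the log message concerns any unsupported Credentials implementation. A second case that logs in with a bare implementation, `getHelper().getRepository().login(new Credentials() {})`, and expects LoginException would guard the general rejection path against regressing to an anonymous session. The login call could also pass the already asserted `creds` instead of calling `u.getCredentials()` a second time, so that the object checked by `assertTrue` is the one actually submitted.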