jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1104256 - in /jackrabbit/trunk/jackrabbit-core/src: main/java/org/apache/jackrabbit/core/security/authentication/token/ test/java/org/apache/jackrabbit/core/security/authentication/token/
Date Tue, 17 May 2011 13:55:55 GMT
Author: angela
Date: Tue May 17 13:55:55 2011
New Revision: 1104256

URL: http://svn.apache.org/viewvc?rev=1104256&view=rev
Log:
JCR-2971 : Revert subsequent token-node updates (tentatively introduced)

Modified:
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthentication.java
    jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthenticationTest.java

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthentication.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthentication.java?rev=1104256&r1=1104255&r2=1104256&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthentication.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthentication.java
Tue May 17 13:55:55 2011
@@ -154,20 +154,9 @@ public class TokenBasedAuthentication im
                     tokenCredentials.setAttribute(key, info.get(key));
                 }
             }
-            // collect those attributes present on the credentials that
-            // are missing or different in the token node.
-            Map<String, String> newAttributes = new HashMap<String,String>(attrNames.size());
-            for (String attrName : tokenCredentials.getAttributeNames()) {
-                String attrValue = tokenCredentials.getAttribute(attrName);
-                if (!isMandatoryAttribute(attrName) &&
-                        (!info.containsKey(attrName) || !info.get(attrName).equals(attrValue)))
{
-                    newAttributes.put(attrName, attrValue);
-                }
-            }
 
-            // update token node if required: optionally resetting the
-            // expiration and the set of informative properties
-            updateTokenNode(expiry, loginTime, newAttributes);
+            // update token node if required: optionally resetting the expiration
+            updateTokenNode(expiry, loginTime);
 
             return true;
         }
@@ -181,19 +170,16 @@ public class TokenBasedAuthentication im
      * <ol>
      * <li>Reset the expiration if half of the expiration has passed in order to
      * minimize write operations (avoid resetting upon each login).</li>
-     * <li>Update the token node to reflect the set of new/changed informative
-     * attributes provided by the credentials.</li>
      * </ol>
      *
      * @param tokenExpiry
      * @param loginTime
-     * @param newAttributes
      */
-    private void updateTokenNode(long tokenExpiry, long loginTime, Map<String,String>
newAttributes) {
-        Node tokenNode = null;
+    private void updateTokenNode(long tokenExpiry, long loginTime) {
+        Node tokenNode;
         Session s = null;
         try {
-            // a) expiry...
+            // expiry...
             if (tokenExpiry - loginTime <= tokenExpiration/2) {
                 long expirationTime = loginTime + tokenExpiration;
                 Calendar cal = GregorianCalendar.getInstance();
@@ -204,18 +190,6 @@ public class TokenBasedAuthentication im
                 tokenNode.setProperty(TOKEN_ATTRIBUTE_EXPIRY, s.getValueFactory().createValue(cal));
             }
 
-            // b) handle informative attributes...
-            if (!newAttributes.isEmpty()) {
-                if (tokenNode == null) {
-                    tokenNode = getTokenNode();
-                    s = tokenNode.getSession();
-                }
-                for (String attrName : newAttributes.keySet()) {
-                    tokenNode.setProperty(attrName, newAttributes.get(attrName));
-                    log.info("Updating token node with informative attribute '" + attrName
+ "'");
-                }
-            }
-
             if (s != null) {
                 s.save();
             }

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthenticationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthenticationTest.java?rev=1104256&r1=1104255&r2=1104256&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthenticationTest.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthenticationTest.java
Tue May 17 13:55:55 2011
@@ -152,15 +152,24 @@ public class TokenBasedAuthenticationTes
         assertTrue(auth.authenticate(tokenCreds));               
         assertEquals("value", tokenCreds.getAttribute("informative"));
 
-        // additional informative property present on credentials
-        // -> the node must be updated
+        // additional informative property present on credentials upon subsequent
+        // authentication -> the node must not be updated
+        auth = new TokenBasedAuthentication(tokenNode.getIdentifier(), TokenBasedAuthentication.TOKEN_EXPIRATION,
superuser);
         tokenCreds.setAttribute("informative2", "value2");
         assertTrue(auth.authenticate(tokenCreds));
-        assertTrue(tokenNode.hasProperty("informative2"));
-        assertEquals("value2", tokenNode.getProperty("informative2").getString());
+        assertFalse(tokenNode.hasProperty("informative2"));
 
-        // additional mandatory property on the credentials
-        // -> must be ignored during authentication
+        // modified informative property present on credentials upon subsequent
+        // authentication -> the node must not be updated
+        auth = new TokenBasedAuthentication(tokenNode.getIdentifier(), TokenBasedAuthentication.TOKEN_EXPIRATION,
superuser);
+        tokenCreds.setAttribute("informative", "otherValue");
+        assertTrue(auth.authenticate(tokenCreds));
+        assertTrue(tokenNode.hasProperty("informative"));
+        assertEquals("value", tokenNode.getProperty("informative").getString());
+
+        // additional mandatory property on the credentials upon subsequent
+        // authentication -> must be ignored
+        auth = new TokenBasedAuthentication(tokenNode.getIdentifier(), TokenBasedAuthentication.TOKEN_EXPIRATION,
superuser);        
         tokenCreds.setAttribute(TokenBasedAuthentication.TOKEN_ATTRIBUTE +".toIgnore", "ignore");
         assertTrue(auth.authenticate(tokenCreds));
         assertFalse(tokenNode.hasProperty(TokenBasedAuthentication.TOKEN_ATTRIBUTE +".toIgnore"));



Mime
View raw message