portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject svn commit: r930552 - in /portals/jetspeed-2/portal/trunk/components: jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/ jetspeed-security/src/main/java/org/apache/jetspeed/serializer/ jetspeed-serializer/src/main/java/org/apache/jetspe...
Date Sat, 03 Apr 2010 18:06:06 GMT
Author: ate
Date: Sat Apr  3 18:06:05 2010
New Revision: 930552

URL: http://svn.apache.org/viewvc?rev=930552&view=rev
Log:
I noticed UserManagerImpl always tries to retrieve the PasswordCredential for the anonymous
(guest) user which of course is not needed.
Furthermore, the JetspeedSecuritySerializer always created a PasswordCredential on import
even if one wasn't defined (ending up being "empty", e.g. no password set, including the useless
one for the "guest" user)

Modified:
    portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/UserManagerImpl.java
    portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/serializer/JetspeedSecuritySerializer.java
    portals/jetspeed-2/portal/trunk/components/jetspeed-serializer/src/main/java/org/apache/jetspeed/serializer/objects/JSPrincipal.java

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/UserManagerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/UserManagerImpl.java?rev=930552&r1=930551&r2=930552&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/UserManagerImpl.java
(original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/UserManagerImpl.java
Sat Apr  3 18:06:05 2010
@@ -127,7 +127,7 @@ public class UserManagerImpl extends Bas
 
 	public Subject getSubject(User user) throws SecurityException
 	{
-		if (credentialManager != null)
+		if (!getAnonymousUser().equals(user.getName()) && credentialManager != null)
 		{
 			PasswordCredential pwc = getPasswordCredential(user);
 			if (pwc != null)

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/serializer/JetspeedSecuritySerializer.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/serializer/JetspeedSecuritySerializer.java?rev=930552&r1=930551&r2=930552&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/serializer/JetspeedSecuritySerializer.java
(original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/serializer/JetspeedSecuritySerializer.java
Sat Apr  3 18:06:05 2010
@@ -390,7 +390,7 @@ public class JetspeedSecuritySerializer 
         /** determine whether passwords can be reconstructed or not */
         int passwordEncoding = compareCurrentSecurityProvider(snapshot);
                 
-        log.debug("processing old users");
+        log.info("processing old users");
 
         for (JSUser jsuser : snapshot.getOldUsers())
         {
@@ -403,37 +403,45 @@ public class JetspeedSecuritySerializer 
                 }
                 if ((isSettingSet(settings, JetspeedSerializer.KEY_OVERWRITE_EXISTING)) ||
(user == null))
                 {
+                    boolean doPwData = jsuser.getPwData() != null;
                     if (user == null) // create new one
                     {
-                        String pwdString = (jsuser.getPwDataValue("password"));
-                        char [] pwdChars = (pwdString != null ? pwdString.toCharArray() :
null);
-                        String password = recreatePassword(pwdChars);
-                        log.debug("add User " + jsuser.getName() + " with password " + (password));
-                        
+                        log.debug("add User " + jsuser.getName());
                         user = userManager.addUser(jsuser.getName());
-                        if (password != null && password.length() > 0)
+                        if (doPwData)
                         {
-                            PasswordCredential pwc = userManager.getPasswordCredential(user);
-                            pwc.setPassword(password, (passwordEncoding == JetspeedSerializer.PASSTHRU_REQUIRED));
-                            userManager.storePasswordCredential(pwc);
+                            String pwdString = (jsuser.getPwDataValue("password"));
+                            char [] pwdChars = (pwdString != null ? pwdString.toCharArray()
: null);
+                            String password = recreatePassword(pwdChars);
+                            
+                            if (password != null && password.length() > 0)
+                            {
+                                PasswordCredential pwc = userManager.getPasswordCredential(user);
+                                pwc.setPassword(password, (passwordEncoding == JetspeedSerializer.PASSTHRU_REQUIRED));
+                                log.debug("storing password for User " + jsuser.getName());
+                                userManager.storePasswordCredential(pwc);
+                            }
                         }
                         log.debug("add User done ");
                     }
-                    try
+                    if (doPwData)
                     {
-                        PasswordCredential pwc = userManager.getPasswordCredential(user);
-                        pwc.setEnabled(jsuser.getPwDataValueAsBoolean("enabled"));
-                        pwc.setUpdateRequired(jsuser.getPwDataValueAsBoolean("requiresUpdate"));
-                        java.sql.Date d = jsuser.getPwExpirationDate();
-                        if (d != null)
-                            pwc.setExpirationDate(d);
-                        userManager.storePasswordCredential(pwc);
-                    }
-                    catch (Exception e)
-                    {
-                        // most likely caused by protected users (like "guest")
-                        log.error("setting userinfo for " + jsuser.getName() + " failed because
of "
-                                + e.getLocalizedMessage());
+                        try
+                        {
+                            PasswordCredential pwc = userManager.getPasswordCredential(user);
+                            pwc.setEnabled(jsuser.getPwDataValueAsBoolean("enabled"));
+                            pwc.setUpdateRequired(jsuser.getPwDataValueAsBoolean("requiresUpdate"));
+                            java.sql.Date d = jsuser.getPwExpirationDate();
+                            if (d != null)
+                                pwc.setExpirationDate(d);
+                            userManager.storePasswordCredential(pwc);
+                        }
+                        catch (Exception e)
+                        {
+                            // most likely caused by protected users (like "guest")
+                            log.error("setting userinfo for " + jsuser.getName() + " failed
because of "
+                                    + e.getLocalizedMessage());
+                        }
                     }
 
                     // credentials
@@ -588,37 +596,46 @@ public class JetspeedSecuritySerializer 
             }
             if ((isSettingSet(settings, JetspeedSerializer.KEY_OVERWRITE_EXISTING)) || (user
== null))
             {
+                boolean doPwData = jsuser.getPwData() != null;
                 if (user == null) // create new one
                 {
-                    String pwdString = jsuser.getPwDataValue("password");
-                    char [] pwdChars = (pwdString != null ? pwdString.toCharArray() : null);
-                    String password = recreatePassword(pwdChars);
-                    log.debug("add User " + jsuser.getName() + " with password " + (password));
-                    
+                    log.debug("add User " + jsuser.getName());
                     user = userManager.addUser(jsuser.getName(), jsuser.isMapped());
-                    if (password != null && password.length() > 0)
+                    
+                    if (doPwData)
                     {
-                        PasswordCredential pwc = userManager.getPasswordCredential(user);
-                        pwc.setPassword(password, (passwordEncoding == JetspeedSerializer.PASSTHRU_REQUIRED));
-                        userManager.storePasswordCredential(pwc);
+                        String pwdString = jsuser.getPwDataValue("password");
+                        char [] pwdChars = (pwdString != null ? pwdString.toCharArray() :
null);
+                        String password = recreatePassword(pwdChars);
+                        
+                        if (password != null && password.length() > 0)
+                        {
+                            PasswordCredential pwc = userManager.getPasswordCredential(user);
+                            pwc.setPassword(password, (passwordEncoding == JetspeedSerializer.PASSTHRU_REQUIRED));
+                            log.debug("storing password for " + jsuser.getName());
+                            userManager.storePasswordCredential(pwc);
+                        }
                     }
-                    log.debug("add User done ");
+                    log.info("add User done ");
                 }
-                try
-                {
-                    PasswordCredential pwc = userManager.getPasswordCredential(user);
-                    pwc.setEnabled(jsuser.getPwDataValueAsBoolean("enabled"));
-                    pwc.setUpdateRequired(jsuser.getPwDataValueAsBoolean("requiresUpdate"));
-                    java.sql.Date d = jsuser.getPwDataValueAsDate("expirationDate");
-                    if (d != null)
-                        pwc.setExpirationDate(d);
-                    userManager.storePasswordCredential(pwc);
-                }
-                catch (Exception e)
+                if (doPwData)
                 {
-                    // most likely caused by protected users (like "guest")
-                    log.error("setting userinfo for " + jsuser.getName() + " failed because
of "
-                            + e.getLocalizedMessage());
+                    try
+                    {
+                        PasswordCredential pwc = userManager.getPasswordCredential(user);
+                        pwc.setEnabled(jsuser.getPwDataValueAsBoolean("enabled"));
+                        pwc.setUpdateRequired(jsuser.getPwDataValueAsBoolean("requiresUpdate"));
+                        java.sql.Date d = jsuser.getPwDataValueAsDate("expirationDate");
+                        if (d != null)
+                            pwc.setExpirationDate(d);
+                        userManager.storePasswordCredential(pwc);
+                    }
+                    catch (Exception e)
+                    {
+                        // most likely caused by protected users (like "guest")
+                        log.error("setting userinfo for " + jsuser.getName() + " failed because
of "
+                                + e.getLocalizedMessage());
+                    }
                 }
                 
                 // credentials

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-serializer/src/main/java/org/apache/jetspeed/serializer/objects/JSPrincipal.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-serializer/src/main/java/org/apache/jetspeed/serializer/objects/JSPrincipal.java?rev=930552&r1=930551&r2=930552&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-serializer/src/main/java/org/apache/jetspeed/serializer/objects/JSPrincipal.java
(original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-serializer/src/main/java/org/apache/jetspeed/serializer/objects/JSPrincipal.java
Sat Apr  3 18:06:05 2010
@@ -251,6 +251,11 @@ public class JSPrincipal
         }
     }
     
+    public JSPWAttributes getPwData()
+    {
+        return pwData;
+    }
+
     public String getPwDataValue(String key)
     {
         return getPwDataValue(key, null);



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message