Hi!
I'm trying to subclass JdbcDaoImpl and use addCustomAuthorities() to add
another way to look up the user's granted authorities.
These lines in JdbcDaoImpl causes trouble for me:
List dbAuths =
authoritiesByUsernameMapping.execute(user.getUsername());
if (dbAuths.size() == 0) {
throw new UsernameNotFoundException("User has no
GrantedAuthority");
}
GrantedAuthority[] arrayAuths = {};
addCustomAuthorities(user.getUsername(), dbAuths);
As you can see, if the list of authorities returned by the first query
is empty, an exception is thrown and addCustomAuthorities() is never
called. I can't see the logic behind this. IMO, the call to
addCustomAuthorities() should be made before the check.
I'm attaching a patch with this change.
/4
Index:
core/src/main/java/net/sf/acegisecurity/providers/dao/jdbc/JdbcDaoImpl.java
===================================================================
RCS file:
/cvsroot/acegisecurity/acegisecurity/core/src/main/java/net/sf/acegisecurity/providers/dao/jdbc/JdbcDaoImpl.java,v
retrieving revision 1.12
diff -u -r1.12 JdbcDaoImpl.java
--- core/src/main/java/net/sf/acegisecurity/providers/dao/jdbc/JdbcDaoImpl.java
29 May 2005 09:46:51 -0000 1.12
+++ core/src/main/java/net/sf/acegisecurity/providers/dao/jdbc/JdbcDaoImpl.java
30 May 2005 13:56:29 -0000
@@ -204,14 +204,14 @@
List dbAuths =
authoritiesByUsernameMapping.execute(user.getUsername());
+ addCustomAuthorities(user.getUsername(), dbAuths);
+
if (dbAuths.size() == 0) {
throw new UsernameNotFoundException("User has no
GrantedAuthority");
}
GrantedAuthority[] arrayAuths = {};
- addCustomAuthorities(user.getUsername(), dbAuths);
-
arrayAuths = (GrantedAuthority[]) dbAuths.toArray(arrayAuths);
String returnUsername = user.getUsername();
