mman 01/08/25 06:35:24
Modified: src/org/apache/cocoon/acting Tag: cocoon_20_branch
DatabaseAuthenticatorAction.java
Log:
- Fixed bug which caused WHERE clause to be omitted always and not only for
"nullable" parameters
- Patch from Philipp Schmidt <[EMAIL PROTECTED]> for autocommit issues.
Revision Changes Path
No revision
No revision
1.3.2.9 +32 -22
xml-cocoon2/src/org/apache/cocoon/acting/DatabaseAuthenticatorAction.java
Index: DatabaseAuthenticatorAction.java
===================================================================
RCS file:
/home/cvs/xml-cocoon2/src/org/apache/cocoon/acting/DatabaseAuthenticatorAction.java,v
retrieving revision 1.3.2.8
retrieving revision 1.3.2.9
diff -u -r1.3.2.8 -r1.3.2.9
--- DatabaseAuthenticatorAction.java 2001/08/22 12:08:20 1.3.2.8
+++ DatabaseAuthenticatorAction.java 2001/08/25 13:35:24 1.3.2.9
@@ -1,4 +1,4 @@
-// $Id: DatabaseAuthenticatorAction.java,v 1.3.2.8 2001/08/22 12:08:20 sylvain Exp $
+// $Id: DatabaseAuthenticatorAction.java,v 1.3.2.9 2001/08/25 13:35:24 mman Exp $
package org.apache.cocoon.acting;
import org.apache.avalon.excalibur.datasource.DataSourceComponent;
@@ -25,20 +25,23 @@
* used for all actions derived from AbstractDatabaseAction.
* <pre>
* <root>
- * <connection>personnel</connection>
- * <table name="users_table>
- * <select dbcol="username" request-param="username"
- * to-session="username"/>
- * <select dbcol="password" request-param="password"/>
- * <select dbcol="role" to-session="role" type="string"/>
- * <select dbcol="skin" to-session="skin" type="string"/>
- * </table>
+* <connection>personnel</connection>
+* <table name="users_table>
+* <select dbcol="username" request-param="username"
+* to-session="username"/>
+* <select dbcol="password" request-param="password"
+* nullable="yes"/>
+* <select dbcol="role" to-session="role" type="string"/>
+* <select dbcol="skin" to-session="skin" type="string"/>
+* </table>
* </root>
* </pre>
* The values specified via "request-param" describe the name of HTTP request
- * parameter, "dbcol" indicates matching database column and finally
+ * parameter, "dbcol" indicates matching database column, "nullable" means
+ * that request-param which is null or empty will not be included in the WHERE
+ * clause. This way you can enable accounts with empty passwords, etc.
* "to-session" attribute indicates under which name the value obtained from
- * database should stored in the session. Of course new session is created
+ * database should be stored in the session. Of course new session is created
* when authorization is successfull. The "type" attribute can be either
* string, long or double and alters the type of object stored in session.
* Additionally all parameters that are
@@ -51,7 +54,7 @@
* not verified.
*
* @author Martin Man <[EMAIL PROTECTED]>
- * @version CVS $Revision: 1.3.2.8 $ $Date: 2001/08/22 12:08:20 $
+ * @version CVS $Revision: 1.3.2.9 $ $Date: 2001/08/25 13:35:24 $
*/
public class DatabaseAuthenticatorAction extends AbstractDatabaseAction implements
ThreadSafe
{
@@ -76,10 +79,10 @@
try {
Configuration conf = this.getConfiguration (
parameters.getParameter ("descriptor", (String)
this.settings.get("descriptor")),
- parameters.getParameterAsBoolean("reloadable",reloadable));
+ parameters.getParameterAsBoolean("reloadable",reloadable));
boolean cs = true;
String create_session = parameters.getParameter ("create-session",
- (String) this.settings.get("create-session"));
+ (String) this.settings.get("create-session"));
if (create_session != null &&
("no".equals (create_session.trim ()) || "false".equals
(create_session.trim ()))) {
cs = false;
@@ -124,19 +127,23 @@
HashMap actionMap = this.propagateParameters (conf, rs,
session);
-
- conn.commit();
+ if(!conn.getAutoCommit()) {
+ conn.commit();
+ }
return Collections.unmodifiableMap (actionMap);
}
-
- conn.rollback();
+ if(!conn.getAutoCommit()) {
+ conn.rollback();
+ }
req.setAttribute("message", "The username or password were incorrect,
please check your CAPS LOCK key and try again.");
getLogger ().debug ("DBAUTH: no results for query");
} catch (Exception e) {
if (conn != null) {
try {
- conn.rollback();
+ if(!conn.getAutoCommit()) {
+ conn.rollback();
+ }
} catch (Exception se) {/* ignore */}
}
getLogger().debug ("exception: ", e);
@@ -173,13 +180,16 @@
request_param.trim().equals ("")) {
continue;
}
+ } catch (Exception e) {
+ continue;
+ }
+ try {
nullstr = select[i].getAttribute ("nullable");
if (nullstr != null) nullstr = nullstr.trim ();
if ("yes".equals (nullstr) || "true".equals (nullstr)) {
nullable = true;
}
- } catch (Exception e) {
- continue;
+ } catch (Exception e1) {
}
/* if there is a request parameter name,
* but not the value, we exit immediately do
@@ -262,5 +272,5 @@
}
}
-// $Id: DatabaseAuthenticatorAction.java,v 1.3.2.8 2001/08/22 12:08:20 sylvain Exp $
+// $Id: DatabaseAuthenticatorAction.java,v 1.3.2.9 2001/08/25 13:35:24 mman Exp $
// vim: set et ts=4 sw=4:
----------------------------------------------------------------------
In case of troubles, e-mail: [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
