Author: lektran
Date: Fri Feb 12 03:33:20 2010
New Revision: 909216
URL: http://svn.apache.org/viewvc?rev=909216&view=rev
Log:
Moved username.lowercase and password.lowercase security property checks from
calling events to the userLogin service itself
Modified:
ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
Modified:
ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java?rev=909216&r1=909215&r2=909216&view=diff
==============================================================================
--- ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java
(original)
+++ ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java
Fri Feb 12 03:33:20 2010
@@ -110,6 +110,13 @@
errMsg =
UtilProperties.getMessage(resource,"loginservices.password_missing", locale);
} else {
+ if
("true".equalsIgnoreCase(UtilProperties.getPropertyValue("security.properties",
"username.lowercase"))) {
+ username = username.toLowerCase();
+ }
+ if
("true".equalsIgnoreCase(UtilProperties.getPropertyValue("security.properties",
"password.lowercase"))) {
+ password = password.toLowerCase();
+ }
+
boolean repeat = true;
// starts at zero but it incremented at the beggining so in the
first pass passNumber will be 1
int passNumber = 0;
Modified:
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=909216&r1=909215&r2=909216&view=diff
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
(original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
Fri Feb 12 03:33:20 2010
@@ -239,19 +239,12 @@
if (userLogin == null) {
// check parameters
- if (username == null) username = request.getParameter("USERNAME");
- if (password == null) password = request.getParameter("PASSWORD");
+ username = request.getParameter("USERNAME");
+ password = request.getParameter("PASSWORD");
// check session attributes
if (username == null) username = (String)
session.getAttribute("USERNAME");
if (password == null) password = (String)
session.getAttribute("PASSWORD");
- if ((username != null) &&
("true".equalsIgnoreCase(UtilProperties.getPropertyValue("security.properties",
"username.lowercase")))) {
- username = username.toLowerCase();
- }
- if ((password != null) &&
("true".equalsIgnoreCase(UtilProperties.getPropertyValue("security.properties",
"password.lowercase")))) {
- password = password.toLowerCase();
- }
-
// in this condition log them in if not already; if not logged in
or can't log in, save parameters and return error
if ((username == null) || (password == null) ||
("error".equals(login(request, response)))) {
@@ -323,14 +316,6 @@
return "error";
}
-
- if ((username != null) &&
("true".equalsIgnoreCase(UtilProperties.getPropertyValue("security.properties",
"username.lowercase")))) {
- username = username.toLowerCase();
- }
- if ((password != null) &&
("true".equalsIgnoreCase(UtilProperties.getPropertyValue("security.properties",
"password.lowercase")))) {
- password = password.toLowerCase();
- }
-
String requirePasswordChange =
request.getParameter("requirePasswordChange");
// get the visit id to pass to the userLogin for history
