[tomee] 18/48: TOMEE-2365 - Properly override validate method on default Identity Store.

Wed, 09 Jan 2019 09:26:02 -0800 

This is an automated email from the ASF dual-hosted git repository.

radcortez pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git

commit 627224f89078b0e1adad09864ca3b471f534e8e0
Author: Roberto Cortez <[email protected]>
AuthorDate: Wed Dec 26 16:15:36 2018 +0000

    TOMEE-2365 - Properly override validate method on default Identity Store.
---
 .../identitystore/TomEEDefaultIdentityStore.java        | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git 
a/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore/TomEEDefaultIdentityStore.java
 
b/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore/TomEEDefaultIdentityStore.java
index a687ae1..48caa07 100644
--- 
a/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore/TomEEDefaultIdentityStore.java
+++ 
b/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore/TomEEDefaultIdentityStore.java
@@ -25,6 +25,7 @@ import org.apache.tomee.loader.TomcatHelper;
 
 import javax.annotation.PostConstruct;
 import javax.enterprise.context.ApplicationScoped;
+import javax.security.enterprise.credential.Credential;
 import javax.security.enterprise.credential.UsernamePasswordCredential;
 import javax.security.enterprise.identitystore.CredentialValidationResult;
 import javax.security.enterprise.identitystore.IdentityStore;
@@ -44,11 +45,17 @@ public class TomEEDefaultIdentityStore implements 
IdentityStore {
         userDatabase = (UserDatabase) 
server.getGlobalNamingContext().lookup(userDataBaseResource.getName());
     }
 
-    public CredentialValidationResult validate(final 
UsernamePasswordCredential credential) {
-        return 
Optional.ofNullable(userDatabase.findUser(credential.getCaller()))
-                       .filter(user -> 
user.getPassword().equals(credential.getPasswordAsString()))
-                       .map(user -> new 
CredentialValidationResult(user.getUsername(), getUserRoles(user)))
-                       .orElse(CredentialValidationResult.INVALID_RESULT);
+    @Override
+    public CredentialValidationResult validate(final Credential credential) {
+        if (credential instanceof UsernamePasswordCredential) {
+            final UsernamePasswordCredential usernamePasswordCredential = 
(UsernamePasswordCredential) credential;
+            return 
Optional.ofNullable(userDatabase.findUser(usernamePasswordCredential.getCaller()))
+                           .filter(user -> 
user.getPassword().equals(usernamePasswordCredential.getPasswordAsString()))
+                           .map(user -> new 
CredentialValidationResult(user.getUsername(), getUserRoles(user)))
+                           .orElse(CredentialValidationResult.INVALID_RESULT);
+        }
+
+        return CredentialValidationResult.NOT_VALIDATED_RESULT;
     }
 
     @Override

Reply via email to