svn commit: r1780341 - /turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LoginUser.java

[gk]

Author: gk
Date: Thu Jan 26 09:06:05 2017
New Revision: 1780341

URL: http://svn.apache.org/viewvc?rev=1780341&view=rev
Log:
- no anon user login by default

Modified:
    
turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LoginUser.java

Modified: 
turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LoginUser.java
URL: 
http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LoginUser.java?rev=1780341&r1=1780340&r2=1780341&view=diff
==============================================================================
--- 
turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LoginUser.java 
(original)
+++ 
turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LoginUser.java 
Thu Jan 26 09:06:05 2017
@@ -32,6 +32,7 @@ import org.apache.turbine.om.security.Us
 import org.apache.turbine.pipeline.PipelineData;
 import org.apache.turbine.services.security.SecurityService;
 import org.apache.turbine.util.RunData;
+import org.apache.turbine.util.TurbineException;
 
 /**
  * This is where we authenticate the user logging into the system
@@ -96,6 +97,11 @@ public class LoginUser
 
         try
         {
+               if (username.equals(security.getAnonymousUser().getName()))
+            {
+                throw new TurbineException("Anonymous user cannot login");
+            }
+               
             // Authenticate the user and get the object.
             User user = security.getAuthenticatedUser(username, password);