[
https://issues.apache.org/jira/browse/PDFBOX-2667?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14306021#comment-14306021
]
John Hewson edited comment on PDFBOX-2667 at 2/4/15 9:42 PM:
-------------------------------------------------------------
Yes, lets do that, as I commented on PDFBOX-1973:
{quote}
if we later decide that we need a specific exception to report invalid
passwords (I think a boolean return value would be more appropriate) then we
can easily add a subclass of IOException without altering the downstream API.
{quote}
was (Author: jahewson):
Yes, lets do that, as I commented on PDFBOX-1973:
{quote}
if we later decide that we need a specific exception to report invalid
passwords (I think a boolean return value would be more appropriate) then we
can easily add a *subclass* of IOException without altering the downstream API.
{quote}
> StandardSecurityHandler should throw InvalidPasswordException
> -------------------------------------------------------------
>
> Key: PDFBOX-2667
> URL: https://issues.apache.org/jira/browse/PDFBOX-2667
> Project: PDFBox
> Issue Type: Bug
> Components: PDModel
> Affects Versions: 2.0.0
> Reporter: Andrea Vacondio
> Fix For: 2.0.0
>
>
> As result of PDFBOX-1973 changes, according to comments Revision 1576587,
> the StandardSecurityHandler.prepareForDecryption now has something like this:
> {code}
> if(isOwnerPassword){
> //do something
> }else if(isUserPassword){
> //do something else
> }else{
> throw new IOException("Cannot decrypt PDF, the password is incorrect");
> }
> {code}
> In my use case the user tries to load a pdf, if the document is encrypted and
> he didn't supply a password or the supplied one is incorrect, a popup asking
> for the password is shown. The document is then loaded with the given
> password.
> In PDFBOX-1973 is discussed the possibility of throwing a different exception
> vs returning a boolean but currently none of the solutions is implemented and
> I can't distinguish between an "incorrect password" IOException vs a
> "something else is wrong" IOException.
> There is already a InvalidPasswordException in the excryption package but as
> far as I can tell it's only used in the examples project (btw that example
> must be somehow broken since the exception is never thrown)
> Unless you are going to implement the boolean solution, I'd suggest to modify
> the algorithm with:
> {code}
> if(isOwnerPassword){
> //do something
> }else if(isUserPassword){
> //do something else
> }else{
> throw new InvalidPasswordException("Cannot decrypt PDF, the password is
> incorrect");
> }
> {code}
> So users can react to an invalid password.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org
