cvs commit: jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl DefaultCredentialHandler.java

Tue, 19 Oct 2004 14:08:01 -0700 

ate         2004/10/19 14:07:55

  Modified:    components/security/src/java/org/apache/jetspeed/security/spi/impl
                        DefaultCredentialHandler.java
  Log:
  Fix/workaround for a strange ojb bug?
  Changing a password was implemented by removing the old credential and adding a new 
one.
  But, OJB didn't remove the old credential. And when deleting the principal it 
'forgot' to delete this child record leading to child found exceptions.
  Solved by doing an actual update on the persistent credential.
  
  Revision  Changes    Path
  1.6       +17 -7     
jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java
  
  Index: DefaultCredentialHandler.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- DefaultCredentialHandler.java     18 Oct 2004 01:35:48 -0000      1.5
  +++ DefaultCredentialHandler.java     19 Oct 2004 21:07:55 -0000      1.6
  @@ -151,15 +151,25 @@
           {
               credentials = new ArrayList();
           }
  +            
           if (null != oldPwdCredential)
           {
               InternalCredential oldInternalCredential = new 
InternalCredentialImpl(internalUser.getPrincipalId(),
                       new String(oldPwdCredential.getPassword()), type, 
oldPwdCredential.getClass().getName());
  -            if (credentials.contains(oldInternalCredential))
  +            Iterator iter = credentials.iterator();
  +            boolean updated = false;
  +            
  +            while (iter.hasNext())
               {
  -                credentials.remove(oldInternalCredential);
  +                InternalCredential credential = (InternalCredential) iter.next();
  +                if ( credential.equals(oldInternalCredential))
  +                {
  +                    credential.setValue(new String(newPwdCredential.getPassword()));
  +                    updated = true;
  +                    break;
  +                }
               }
  -            else
  +            if (!updated)
               {
                   // supplied PasswordCredential not defined for this user
                   throw new SecurityException(SecurityException.INVALID_PASSWORD);
  @@ -181,11 +191,11 @@
                           throw new 
SecurityException(SecurityException.PASSWORD_REQUIRED);
                       }
                   }
  -            }            
  +            } 
  +            InternalCredential newInternalCredential = new 
InternalCredentialImpl(internalUser.getPrincipalId(),
  +                    new String(newPwdCredential.getPassword()), type, 
newPwdCredential.getClass().getName());
  +            credentials.add(newInternalCredential);
           }
  -        InternalCredential newInternalCredential = new 
InternalCredentialImpl(internalUser.getPrincipalId(),
  -                new String(newPwdCredential.getPassword()), type, 
newPwdCredential.getClass().getName());
  -        credentials.add(newInternalCredential);
           internalUser.setModifiedDate(new Timestamp(System.currentTimeMillis()));
           internalUser.setCredentials(credentials);
           // Set the user with the new credentials.
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to