]> git.argeo.org Git - lgpl/argeo-commons.git/blobdiff - org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
projects / lgpl / argeo-commons.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix reverted boolean value
[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / auth / UserAdminLoginModule.java
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
index 53b4242ef0be61043f4ec3325189af0974f5b17e..ea2a6dedf6ea2877c3dcf487999420118aa9aa31 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
@@ -14,6 +14,7 @@ import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.CredentialNotFoundException;
+import javax.security.auth.login.FailedLoginException;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 import javax.servlet.http.HttpServletRequest;
@@ -108,9 +109,10 @@ public class UserAdminLoginModule implements LoginModule, AuthConstants {
 
                                        User user = userAdmin.getUser(null, username);
                                        if (user == null)
-                                               return false;
+                                               throw new FailedLoginException("Invalid credentials");
                                        if (!user.hasCredential(null, password))
-                                               return false;
+                                               throw new FailedLoginException("Invalid credentials");
+                                       // return false;
                                        authorization = userAdmin.getAuthorization(user);
                                }
                        }
@@ -126,7 +128,7 @@ public class UserAdminLoginModule implements LoginModule, AuthConstants {
        public boolean commit() throws LoginException {
                Authorization authorization = subject
                                .getPrivateCredentials(Authorization.class).iterator().next();
-               if (request != null) {
+               if (request != null && authorization.getName() != null) {
                        request.setAttribute(HttpContext.REMOTE_USER,
                                        authorization.getName());
                        request.setAttribute(HttpContext.AUTHORIZATION, authorization);
Argeo Commons - Lightweight integration framework in pure Java/OSGi