]> git.argeo.org Git - lgpl/argeo-commons.git/blobdiff - org.argeo.security.core/src/org/argeo/security/jcr/jackrabbit/JackrabbitUserAdminService.java
projects / lgpl / argeo-commons.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Improve error handling
[lgpl/argeo-commons.git] / org.argeo.security.core / src / org / argeo / security / jcr / jackrabbit / JackrabbitUserAdminService.java
diff --git a/org.argeo.security.core/src/org/argeo/security/jcr/jackrabbit/JackrabbitUserAdminService.java b/org.argeo.security.core/src/org/argeo/security/jcr/jackrabbit/JackrabbitUserAdminService.java
index b648f32c38b583481142f472ed82978b1d0f779d..711c9d598e031f50069bd624bface214fac2638c 100644 (file)
--- a/org.argeo.security.core/src/org/argeo/security/jcr/jackrabbit/JackrabbitUserAdminService.java
+++ b/org.argeo.security.core/src/org/argeo/security/jcr/jackrabbit/JackrabbitUserAdminService.java
@@ -1,6 +1,7 @@
 package org.argeo.security.jcr.jackrabbit;
 
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Iterator;
 import java.util.LinkedHashSet;
 import java.util.List;
@@ -301,9 +302,12 @@ public class JackrabbitUserAdminService implements UserAdminService,
                        Authentication authentication) throws AuthenticationException {
                UsernamePasswordAuthenticationToken siteAuth = (UsernamePasswordAuthenticationToken) authentication;
                String username = siteAuth.getName();
+               if (!(siteAuth.getCredentials() instanceof char[]))
+                       throw new ArgeoException("Only char array passwords are supported");
+               char[] password = (char[]) siteAuth.getCredentials();
                try {
                        SimpleCredentials sp = new SimpleCredentials(siteAuth.getName(),
-                                       siteAuth.getCredentials().toString().toCharArray());
+                                       password);
                        User user = (User) getUserManager().getAuthorizable(username);
                        if (user == null)
                                throw new BadCredentialsException("Bad credentials");
@@ -323,6 +327,8 @@ public class JackrabbitUserAdminService implements UserAdminService,
                } catch (Exception e) {
                        throw new BadCredentialsException(
                                        "Cannot authenticate " + siteAuth, e);
+               } finally {
+                       Arrays.fill(password, '*');
                }
 
                try {
Argeo Commons - Lightweight integration framework in pure Java/OSGi