package org.argeo.security.jcr.jackrabbit;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import org.argeo.ArgeoException;
import org.argeo.jcr.JcrUtils;
import org.argeo.jcr.UserJcrUtils;
+import org.argeo.security.NodeAuthenticationToken;
import org.argeo.security.UserAdminService;
import org.argeo.security.jcr.JcrSecurityModel;
import org.argeo.security.jcr.JcrUserDetails;
// AUTHENTICATION PROVIDER
public synchronized Authentication authenticate(
Authentication authentication) throws AuthenticationException {
- UsernamePasswordAuthenticationToken siteAuth = (UsernamePasswordAuthenticationToken) authentication;
+ NodeAuthenticationToken siteAuth = (NodeAuthenticationToken) authentication;
String username = siteAuth.getName();
+ if (!(siteAuth.getCredentials() instanceof char[]))
+ throw new ArgeoException("Only char array passwords are supported");
+ char[] password = (char[]) siteAuth.getCredentials();
try {
SimpleCredentials sp = new SimpleCredentials(siteAuth.getName(),
- siteAuth.getCredentials().toString().toCharArray());
+ password);
User user = (User) getUserManager().getAuthorizable(username);
if (user == null)
throw new BadCredentialsException("Bad credentials");
} catch (Exception e) {
throw new BadCredentialsException(
"Cannot authenticate " + siteAuth, e);
+ } finally {
+ Arrays.fill(password, '*');
}
try {
JcrUserDetails userDetails = loadJcrUserDetails(adminSession,
username);
- UsernamePasswordAuthenticationToken authenticated = new UsernamePasswordAuthenticationToken(
- siteAuth, "", userDetails.getAuthorities());
+ NodeAuthenticationToken authenticated = new NodeAuthenticationToken(
+ siteAuth, userDetails.getAuthorities());
authenticated.setDetails(userDetails);
return authenticated;
} catch (RepositoryException e) {
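Review bot: The new `finally` block's `Arrays.fill(password, '*')` clears only the array returned by `siteAuth.getCredentials()`; `javax.jcr.SimpleCredentials` clones the password in its constructor, so the copy held by `sp` stays readable in memory until it is garbage-collected. If `sp` is not needed once the check is done, declare it before the `try` and add `if (sp != null) Arrays.fill(sp.getPassword(), '\0');` to the `finally`, since `getPassword()` returns a reference to the internal array. Separately, the added credentials check throws `ArgeoException` ahead of the `try`, and the cast to `NodeAuthenticationToken` is unguarded, so a token of another type or with null or `String` credentials would surface as something other than an `AuthenticationException` (assuming `ArgeoException` is not one) and bypass the caller's normal failed-login handling; `throw new BadCredentialsException("Only char array passwords are supported");` keeps it inside the authentication contract. The blanked `siteAuth` is then passed into the new `NodeAuthenticationToken`, which deserves a short comment such as `// credentials already wiped above; the authenticated token must not carry them`. The body of `authenticate` continues past the end of this hunk, so how `sp` is used and what the `RepositoryException` handler does are not visible here.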