Better protect access to Jackrabbit user manager

[lgpl/argeo-commons.git] / security / runtime / org.argeo.security.core / src / main / java / org / argeo / security / jcr / OsJcrAuthenticationProvider.java

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/OsJcrAuthenticationProvider.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/OsJcrAuthenticationProvider.java
index 6c26d4627ec3ce291d03e7b3d1a5cb629f6f93cf..0e8213730ebcdee66823274d911f9732d63b477d 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/OsJcrAuthenticationProvider.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/OsJcrAuthenticationProvider.java
@@ -58,7 +58,7 @@ public class OsJcrAuthenticationProvider extends OsAuthenticationProvider {
                        throws AuthenticationException {
                if (authentication instanceof UsernamePasswordAuthenticationToken) {
                        // deal with remote access to internal server
-                       // FIXME very primitive and unsecure at this stage
+                       // FIXME very primitive and unsecure at this sSession adminSession =tage
                        // consider using the keyring for username / password authentication
                        // or certificate
                        UsernamePasswordAuthenticationToken upat = (UsernamePasswordAuthenticationToken) authentication;