X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FUserAdminLoginModule.java;h=ea2a6dedf6ea2877c3dcf487999420118aa9aa31;hb=0d430e00bed34cca1d41c26cc2cad35b797e89b8;hp=53e48e8c1ea4089eb13e7d5bd336c98619dc60c9;hpb=ad9eb24753d1486113cfbc19d8080f15ce5ff68a;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
index 53e48e8c1..ea2a6dedf 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
@@ -14,6 +14,7 @@ import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.CredentialNotFoundException;
+import javax.security.auth.login.FailedLoginException;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 import javax.servlet.http.HttpServletRequest;
@@ -70,6 +71,9 @@ public class UserAdminLoginModule implements LoginModule, AuthConstants {
 } catch (IOException e) {
 throw new LoginException("Cannot handle http callback: " + e.getMessage());
+ } catch (ThreadDeath e) {
+ throw new ThreadDeathLoginException(
+ "Callbackhandler thread died", e);
 } catch (UnsupportedCallbackException e) {
 return false;
 }
@@ -105,9 +109,10 @@ public class UserAdminLoginModule implements LoginModule, AuthConstants {
 User user = userAdmin.getUser(null, username);
 if (user == null)
- return false;
+ throw new FailedLoginException("Invalid credentials");
 if (!user.hasCredential(null, password))
- return false;
+ throw new FailedLoginException("Invalid credentials");
+ // return false;
 authorization = userAdmin.getAuthorization(user);
 }
 }
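Review bot: Catching `ThreadDeath` in the added `catch` and converting it into a `ThreadDeathLoginException` stops the error from propagating, whereas the `Thread.stop()` contract expects a caught `ThreadDeath` to be rethrown so that the thread really terminates. Whether a caller unwraps and rethrows the original error is not visible in this hunk; if it does, say so at this spot, for example `// ThreadDeath is wrapped only to cross the LoginModule API; the caller must rethrow the wrapped error`. A JAAS configuration can ignore a `LoginException` coming from a module that is not required, so without that rethrow the error could be dropped silently and the login sequence could continue. The enclosing method starts and ends outside the hunk.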
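Review bot: The commented-out `// return false;` left after the second throw is dead code and should be removed, and the two checks can be folded into one, `if (user == null || !user.hasCredential(null, password)) throw new FailedLoginException("Invalid credentials");`. Using the same message for an unknown user and for a wrong password is the right choice, but the unknown-user path still skips `hasCredential`, so the response time may differ between the two cases; if account enumeration matters for this deployment, that deserves a comment or a follow-up. A log entry for failed attempts (user name only, never the password) would also help detection, unless a caller outside this hunk already writes one. The surrounding method is not fully visible here.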
@@ -123,7 +128,7 @@ public class UserAdminLoginModule implements LoginModule, AuthConstants {
 public boolean commit() throws LoginException {
 Authorization authorization = subject
 .getPrivateCredentials(Authorization.class).iterator().next();
- if (request != null) {
+ if (request != null && authorization.getName() != null) {
 request.setAttribute(HttpContext.REMOTE_USER,
 authorization.getName());
 request.setAttribute(HttpContext.AUTHORIZATION, authorization);
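Review bot: The added `authorization.getName() != null` test does not say what a null name stands for, nor that both request attributes are skipped in that case; a short comment such as `// no user name (presumably an anonymous authorization): leave REMOTE_USER and AUTHORIZATION unset` would make the intent explicit, if that is the intent. Separately, the context line above calls `.iterator().next()` on the private credentials without checking for an empty set, so `commit()` would fail with a `NoSuchElementException` rather than a `LoginException` whenever `login()` stored no `Authorization`, which looks possible on the path where `login()` returns false. A guard like `if (!it.hasNext()) return false;` on a named iterator before `next()` would cover that. The body of `commit()` continues past the end of the hunk.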