X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FUserAdminLoginModule.java;h=f5883a54f1035fc10608f7a5152380affa486c7a;hb=0007b2e3582330391e6cf44a99c0e82e5b574796;hp=243eb0fec84e1d6288cd89b187dc63a6f980b640;hpb=a444205e81419d439635a9e0ff3382ae3f5d9947;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
index 243eb0fec..f5883a54f 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
@@ -74,8 +74,10 @@ public class UserAdminLoginModule implements LoginModule {
 		if (sharedState.containsKey(CmsAuthUtils.SHARED_STATE_NAME)
 				&& sharedState.containsKey(CmsAuthUtils.SHARED_STATE_PWD)) {
 			username = (String) sharedState.get(CmsAuthUtils.SHARED_STATE_NAME);
-			password = (char[]) sharedState.get(CmsAuthUtils.SHARED_STATE_NAME);
+			password = (char[]) sharedState.get(CmsAuthUtils.SHARED_STATE_PWD);
 			// TODO locale?
+			AuthenticatingUser authenticatingUser = new AuthenticatingUser(username, password);
+			authorization = userAdmin.getAuthorization(authenticatingUser);
 		} else {
 
 			// ask for username and password
@@ -114,24 +116,23 @@ public class UserAdminLoginModule implements LoginModule {
 				password = passwordCallback.getPassword();
 			else
 				throw new CredentialNotFoundException("No credentials provided");
+			// FIXME move Argeo specific convention from user admin to here
+			User user = userAdmin.getUser(null, username);
+			if (user == null)
+				throw new FailedLoginException("Invalid credentials");
+			if (!user.hasCredential(null, password))
+				throw new FailedLoginException("Invalid credentials");
+			// return false;
+
+			// Log and monitor new login
+			// if (log.isDebugEnabled())
+			// log.debug("Logged in to CMS with username [" + username +
+			// "]");
+
+			authorization = userAdmin.getAuthorization(user);
+			assert authorization != null;
 		}
 
-		// FIXME move Argeo specific convention from user admin to here
-		User user = userAdmin.getUser(null, username);
-		if (user == null)
-			throw new FailedLoginException("Invalid credentials");
-		if (!user.hasCredential(null, password))
-			throw new FailedLoginException("Invalid credentials");
-		// return false;
-
-		// Log and monitor new login
-		// if (log.isDebugEnabled())
-		// log.debug("Logged in to CMS with username [" + username +
-		// "]");
-
-		authorization = userAdmin.getAuthorization(user);
-		assert authorization != null;
-
 		// }
 		// if
 		// (!sharedState.containsKey(CmsAuthUtils.SHARED_STATE_AUTHORIZATION))