Author: bdaw
Date: 2007-11-22 04:24:02 -0500 (Thu, 22 Nov 2007)
New Revision: 9073
Modified:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0_0/identity/src/main/org/jboss/portal/identity/IdentityConfiguration.java
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0_0/identity/src/main/org/jboss/portal/identity/ldap/LDAPUserModule.java
Log:
Add 'allowEmptyPasswords' option in identity configuration
Modified:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0_0/identity/src/main/org/jboss/portal/identity/IdentityConfiguration.java
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0_0/identity/src/main/org/jboss/portal/identity/IdentityConfiguration.java 2007-11-22
08:34:22 UTC (rev 9072)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0_0/identity/src/main/org/jboss/portal/identity/IdentityConfiguration.java 2007-11-22
09:24:02 UTC (rev 9073)
@@ -69,6 +69,8 @@
public static final String USER_SEARCH_FILTER = "userSearchFilter";
+ public static final String USER_ALLOW_EMPTY_PASSWORDS =
"allowEmptyPasswords";
+
//public static final String ROLE_CONTAINER_DN = "roleContainerDN";
public static final String ROLE_RID_ATTRIBUTE_ID = "ridAttributeID";
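Review bot: The new `USER_ALLOW_EMPTY_PASSWORDS` key has no comment, so a reader of IdentityConfiguration cannot tell what the default is or why the option is security-relevant. I would add above it `// "true" lets LDAPUserModule.validatePassword accept a null or empty password; absent or any other value rejects it.` A second line should say why: `// Many LDAP servers treat a simple bind with a DN and an empty password as an unauthenticated bind (RFC 4513, 5.1.2) that can succeed, so leave this off unless the directory rejects such binds.` The stated default is taken from `isAllowEmptyPasswords()` in the LDAPUserModule part of this commit.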
Modified:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0_0/identity/src/main/org/jboss/portal/identity/ldap/LDAPUserModule.java
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0_0/identity/src/main/org/jboss/portal/identity/ldap/LDAPUserModule.java 2007-11-22
08:34:22 UTC (rev 9072)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0_0/identity/src/main/org/jboss/portal/identity/ldap/LDAPUserModule.java 2007-11-22
09:24:02 UTC (rev 9073)
@@ -117,6 +117,12 @@
public boolean validatePassword(LDAPUserImpl ldapu, String password) throws
IdentityException
{
+ // Depending on configuration reject authentication with empty password
+ if ((password == null || password.length() == 0) & !isAllowEmptyPasswords())
+ {
+ return false;
+ }
+
//will use user DN to bind checking the password by default
String principal = ldapu.getDn();
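Review bot: The added guard uses the non-short-circuit `&`, so `isAllowEmptyPasswords()` and its configuration lookup run on every call, even when a non-empty password was supplied. `if ((password == null || password.length() == 0) && !isAllowEmptyPasswords())` returns the same result and only consults the setting for empty input. When the option is enabled, a null password still flows on to the bind code below the hunk, so it is worth confirming that path handles null and not only the empty string. validatePassword's body continues outside the hunk, so the bind itself is not visible here.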
@@ -398,9 +404,20 @@
}
+ protected boolean isAllowEmptyPasswords()
+ {
+ String allowEmptyPasswords =
getIdentityConfiguration().getValue(IdentityConfiguration.USER_ALLOW_EMPTY_PASSWORDS);
+ if (allowEmptyPasswords != null &&
allowEmptyPasswords.equalsIgnoreCase("true"))
+ {
+ return Boolean.TRUE.booleanValue();
+ }
+ return Boolean.FALSE.booleanValue();
+ }
+
+
/*protected String getEmailAttributeId() throws IdentityException
{
String email =
getIdentityConfiguration().getValue(IdentityConfiguration.USER_EMAIL_ATTRIBUTE_ID);