Author: shane.bryzak(a)jboss.com Date: 2008-06-06 12:07:16 -0400 (Fri, 06 Jun 2008) New Revision: 8341 Modified: trunk/src/main/org/jboss/seam/security/RememberMe.java Log: ensure the user account is enabled Modified: trunk/src/main/org/jboss/seam/security/RememberMe.java =================================================================== --- trunk/src/main/org/jboss/seam/security/RememberMe.java 2008-06-06 15:57:22 UTC (rev 8340) +++ trunk/src/main/org/jboss/seam/security/RememberMe.java 2008-06-06 16:07:16 UTC (rev 8341) @@ -73,7 +73,7 @@ @Override public String getCookieName() { - return "org.jboss.seam.security.token"; + return "org.jboss.seam.security.authtoken"; } } @@ -246,20 +246,23 @@ if (tokenStore.validateToken(identity.getCredentials().getUsername(), identity.getCredentials().getPassword())) { - // Success, authenticate the user - identity.getSubject().getPrincipals().add(new SimplePrincipal( - identity.getCredentials().getUsername())); - // And populate the roles - for (String role : IdentityManager.instance().getImpliedRoles( - identity.getCredentials().getUsername())) + // Success, authenticate the user (if their account is enabled) + if (IdentityManager.instance().isUserEnabled(identity.getCredentials().getUsername())) { - identity.addRole(role); + identity.getSubject().getPrincipals().add(new SimplePrincipal( + identity.getCredentials().getUsername())); + // And populate the roles + for (String role : IdentityManager.instance().getImpliedRoles( + identity.getCredentials().getUsername())) + { + identity.addRole(role); + } + + identity.postAuthenticate(); + + autoLoggedIn = true; } - - identity.postAuthenticate(); - - autoLoggedIn = true; - } + } } }