Author: shane.bryzak(a)jboss.com
Date: 2008-10-21 22:32:14 -0400 (Tue, 21 Oct 2008)
New Revision: 9376
Modified:
trunk/src/main/org/jboss/seam/security/management/IdentityManager.java
trunk/src/main/org/jboss/seam/security/management/IdentityStore.java
Log:
don't authenticate empty usernames
Modified: trunk/src/main/org/jboss/seam/security/management/IdentityManager.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/IdentityManager.java 2008-10-21
22:53:06 UTC (rev 9375)
+++ trunk/src/main/org/jboss/seam/security/management/IdentityManager.java 2008-10-22
02:32:14 UTC (rev 9376)
@@ -4,10 +4,12 @@
import static org.jboss.seam.annotations.Install.BUILT_IN;
import java.io.Serializable;
+import java.security.Principal;
import java.util.Collections;
import java.util.Comparator;
import java.util.List;
+import org.apache.wicket.util.string.Strings;
import org.jboss.seam.Component;
import org.jboss.seam.annotations.Create;
import org.jboss.seam.annotations.Install;
@@ -252,6 +254,12 @@
return roleIdentityStore.getImpliedRoles(name);
}
+ public List<Principal> listMembers(String role)
+ {
+ Identity.instance().checkPermission(ROLE_PERMISSION_NAME, PERMISSION_READ);
+ return roleIdentityStore.listMembers(role);
+ }
+
public List<String> getRoleGroups(String name)
{
return roleIdentityStore.getRoleGroups(name);
@@ -259,6 +267,7 @@
public boolean authenticate(String username, String password)
{
+ if (Strings.isEmpty(username)) return false;
return identityStore.authenticate(username, password);
}
Modified: trunk/src/main/org/jboss/seam/security/management/IdentityStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/IdentityStore.java 2008-10-21
22:53:06 UTC (rev 9375)
+++ trunk/src/main/org/jboss/seam/security/management/IdentityStore.java 2008-10-22
02:32:14 UTC (rev 9376)
@@ -1,5 +1,6 @@
package org.jboss.seam.security.management;
+import java.security.Principal;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
@@ -209,6 +210,11 @@
* Returns a list of all the groups that the specified role is a member of.
*/
List<String> getRoleGroups(String name);
+
+ /**
+ * Lists the members of the specified role.
+ */
+ List<Principal> listMembers(String role);
/**
* Authenticates the specified user, using the specified password.
Show replies by date