[jboss-cvs] JBossAS SVN: r84648 - projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Feb 23 12:46:45 EST 2009
Author: sguilhen at redhat.com
Date: 2009-02-23 12:46:45 -0500 (Mon, 23 Feb 2009)
New Revision: 84648
Modified:
projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java
Log:
SECURITY-370: merged changes from trunk
Modified: projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java
===================================================================
--- projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java 2009-02-23 17:39:03 UTC (rev 84647)
+++ projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java 2009-02-23 17:46:45 UTC (rev 84648)
@@ -76,11 +76,14 @@
/** A flag indicating if the store password should be hashed using the hashAlgorithm */
private boolean hashStorePassword;
- /** A flag indicating if the user inputted password should be hashed using the hashAlgorithm */
+ /** A flag indicating if the user supplied password should be hashed using the hashAlgorithm */
private boolean hashUserPassword = true;
/** A flag that restores the ability to override the createPasswordHash(String,String) */
private boolean legacyCreatePasswordHash;
- /** */
+
+ /** A flag that indicates whether validation errors should be exposed to clients or not */
+ private boolean throwValidateError = false;
+ /** A {@code Throwable} representing the validation error */
private Throwable validateError;
/** Override the superclass method to look for the following options after
@@ -105,6 +108,7 @@
the store/expected password. Only used if hashStorePassword or hashUserPassword is true and
hashAlgorithm has been specified.
*/
+ @Override
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map<String,?> sharedState, Map<String,?> options)
{
@@ -139,10 +143,14 @@
flag = (String) options.get("legacyCreatePasswordHash");
if( flag != null )
legacyCreatePasswordHash = Boolean.valueOf(flag).booleanValue();
+ flag = (String) options.get("throwValidateError");
+ if(flag != null)
+ this.throwValidateError = Boolean.valueOf(flag).booleanValue();
}
/** Perform the authentication of the username and password.
*/
+ @Override
@SuppressWarnings("unchecked")
public boolean login() throws LoginException
{
@@ -211,7 +219,7 @@
{
Throwable ex = getValidateError();
FailedLoginException fle = new FailedLoginException("Password Incorrect/Password Required");
- if( ex != null )
+ if( ex != null && this.throwValidateError == true)
{
log.debug("Bad password for username="+username, ex);
fle.initCause(ex);
@@ -234,10 +242,12 @@
return true;
}
+ @Override
protected Principal getIdentity()
{
return identity;
}
+ @Override
protected Principal getUnauthenticatedIdentity()
{
return unauthenticatedIdentity;
More information about the jboss-cvs-commits
mailing list