[jboss-cvs] JBossAS SVN: r84648 - projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Mon Feb 23 12:46:45 EST 2009


Author: sguilhen at redhat.com
Date: 2009-02-23 12:46:45 -0500 (Mon, 23 Feb 2009)
New Revision: 84648

Modified:
   projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java
Log:
SECURITY-370: merged changes from trunk

Modified: projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java
===================================================================
--- projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java	2009-02-23 17:39:03 UTC (rev 84647)
+++ projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java	2009-02-23 17:46:45 UTC (rev 84648)
@@ -76,11 +76,14 @@
    /** A flag indicating if the store password should be hashed using the hashAlgorithm  */
    private boolean hashStorePassword;
 
-   /** A flag indicating if the user inputted password should be hashed using the hashAlgorithm */
+   /** A flag indicating if the user supplied password should be hashed using the hashAlgorithm */
    private boolean hashUserPassword = true;
    /** A flag that restores the ability to override the createPasswordHash(String,String) */
    private boolean legacyCreatePasswordHash;
-   /** */
+   
+   /** A flag that indicates whether validation errors should be exposed to clients or not */
+   private boolean throwValidateError = false;
+   /** A {@code Throwable} representing the validation error */
    private Throwable validateError; 
 
    /** Override the superclass method to look for the following options after
@@ -105,6 +108,7 @@
       the store/expected password. Only used if hashStorePassword or hashUserPassword is true and
       hashAlgorithm has been specified.
     */
+   @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler,
       Map<String,?> sharedState, Map<String,?> options)
    {
@@ -139,10 +143,14 @@
       flag = (String) options.get("legacyCreatePasswordHash");
       if( flag != null )
          legacyCreatePasswordHash = Boolean.valueOf(flag).booleanValue();
+      flag = (String) options.get("throwValidateError");
+      if(flag != null)
+         this.throwValidateError = Boolean.valueOf(flag).booleanValue();
    }
 
    /** Perform the authentication of the username and password.
     */
+   @Override
    @SuppressWarnings("unchecked")
    public boolean login() throws LoginException
    {
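Review bot: The new `throwValidateError` option is read at the end of initialize(), but as far as the visible hunks show, the option list in that method's Javadoc is not updated, so the switch is undocumented where deployers look for module options. I would add an entry along the lines of `throwValidateError: if true, the stored validation error is attached as the cause of the FailedLoginException; defaults to false so that back-end error detail is not exposed to clients`. The `(String)` cast follows the existing pattern and will throw ClassCastException if the option is supplied as a non-String value. `Boolean.parseBoolean(flag)` would avoid the boxing round trip. The body of initialize() starts outside this hunk.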
@@ -211,7 +219,7 @@
          {
             Throwable ex = getValidateError();
             FailedLoginException fle = new FailedLoginException("Password Incorrect/Password Required");
-            if( ex != null )
+            if( ex != null && this.throwValidateError == true)
             {
                log.debug("Bad password for username="+username, ex);
                fle.initCause(ex);
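Review bot: The `log.debug(..., ex)` call sits under the same condition as `fle.initCause(ex)`, so with the default `throwValidateError=false` the validation error is withheld from the client and, unless code after this hunk logs it, also missing from the server log. Withholding the cause from callers is the intent, but operators still need it to tell a wrong password from a failing credential store. Consider keeping the outer test as `if( ex != null )` around the log call and guarding only the cause with `if( throwValidateError ) fle.initCause(ex);`. The `== true` comparison is redundant in either form. The enclosing block continues past the end of the hunk.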
@@ -234,10 +242,12 @@
       return true;
    }
 
+   @Override
    protected Principal getIdentity()
    {
       return identity;
    }
+   @Override
    protected Principal getUnauthenticatedIdentity()
    {
       return unauthenticatedIdentity;



