Some bugfixes for the JndiLoginModule

git-svn-id: https://svn.libreccm.org/ccm/trunk@6270 8810af33-2d31-482b-a856-94f89814c4df
master
jensp 2019-10-17 17:35:54 +00:00
parent 3973c56df8
commit a6ffe42ec1
1 changed files with 14 additions and 16 deletions


@ -39,11 +39,11 @@ import java.math.BigDecimal;
* *
* Currently not tested with LDAPS schema. * Currently not tested with LDAPS schema.
* *
* The module uses the SSO login name for finding the user in the LDAP * The module uses the SSO login name for finding the user in the LDAP
* repository. If no user with the an SSO name matching the provided user name * repository. If no user with the an SSO name matching the provided user name
* is found the methods of the login module will return false which means that * is found the methods of the login module will return false which means that
* the module should be ignored. * the module should be ignored.
* *
* To use the module has to be added to the list of {@code LoginModule}s in the * To use the module has to be added to the list of {@code LoginModule}s in the
* {@link SecurityConfig}. An example configuration (line breaks for easier * {@link SecurityConfig}. An example configuration (line breaks for easier
* reading, remove them for the properties file): * reading, remove them for the properties file):
@ -68,8 +68,8 @@ import java.math.BigDecimal;
* </pre> * </pre>
* *
* The {@code connectionUrl} is the URL of the LDAP server to use. * The {@code connectionUrl} is the URL of the LDAP server to use.
* {@code userBase} is the tree part in which the users are stored. * {@code userBase} is the tree part in which the users are stored.
* {@code userSearch} defines an LDAP filter for searching the user. * {@code userSearch} defines an LDAP filter for searching the user.
* {@link String#format} is used to fill in the username. * {@link String#format} is used to fill in the username.
* *
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a> * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
@ -105,7 +105,7 @@ public class JndiLoginModule extends PasswordLoginModule implements LoginModule
userAuthentication = UserAuthentication userAuthentication = UserAuthentication
.retrieveForSSOlogin(getUsername()); .retrieveForSSOlogin(getUsername());
} catch (DataObjectNotFoundException ex) { } catch (DataObjectNotFoundException ex) {
return false; throw new FailedLoginException("User not found in LDAP.");
} }
final boolean result = super.login(); final boolean result = super.login();
return result; return result;
@ -115,31 +115,29 @@ public class JndiLoginModule extends PasswordLoginModule implements LoginModule
public boolean commit() throws LoginException { public boolean commit() throws LoginException {
LOGGER.debug("Commit"); LOGGER.debug("Commit");
if (userAuthentication == null) { if (userAuthentication != null) {
return false; final BigDecimal userId = userAuthentication.getUser().getID();
subject.getPrincipals().add(new PartyPrincipal(userId));
} }
final BigDecimal userId = userAuthentication.getUser().getID();
subject.getPrincipals().add(new PartyPrincipal(userId));
return true; return true;
} }
@Override @Override
public boolean abort() throws LoginException { public boolean abort() throws LoginException {
LOGGER.debug("Aborting"); LOGGER.debug("Aborting");
if (userAuthentication == null) { // if (userAuthentication == null) {
return false; // return false;
} // }
return true; return true;
} }
@Override @Override
public boolean logout() throws LoginException { public boolean logout() throws LoginException {
LOGGER.debug("Logout"); LOGGER.debug("Logout");
if (userAuthentication == null) { // if (userAuthentication == null) {
return false; // return false;
} // }
return true; return true;
} }
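Review bot: `commit()` adds the `PartyPrincipal` whenever `userAuthentication` is non-null, but `login()` assigns that field before `super.login()` runs and nothing visible clears it when the password check fails. If another configured module lets the overall login succeed, `commit()` could then attach this user's principal without this module having authenticated them; whether that can happen depends on `PasswordLoginModule` and the module stack, which the page does not show, so it needs confirming. I would reset the field in `login()` when `super.login()` returns false or throws, and put `userAuthentication = null;` in `abort()` and `logout()` in place of the commented-out checks. The class Javadoc still says the methods return false when no matching user is found, which no longer matches the new `FailedLoginException`. `login()` starts outside the hunk.

```java
// … unchanged: lookup via UserAuthentication.retrieveForSSOlogin(getUsername()) …
final boolean result;
try {
    result = super.login();
} catch (LoginException ex) {
    // Do not keep a user this module did not authenticate.
    userAuthentication = null;
    throw ex;
}
if (!result) {
    userAuthentication = null;
}
return result;
```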