jcabrerizo commented on a change in pull request #1202:
URL: https://github.com/apache/brooklyn-server/pull/1202#discussion_r670548929
##########
File path:
rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/provider/LdapSecurityProvider.java
##########
@@ -99,13 +108,76 @@ public boolean authenticate(HttpServletRequest request,
Supplier<HttpSession> se
env.put(Context.SECURITY_PRINCIPAL, getSecurityPrincipal(user));
env.put(Context.SECURITY_CREDENTIALS, pass);
- new InitialDirContext(env); // will throw if password is invalid
+ DirContext ctx = new InitialDirContext(env);// will throw if
password is invalid
Review comment:
I don't think it's needed. If the authentication fails an ti throw an
exception, the context won't be created and the user remains unathenticated.
Why do you think is needed @duncangrant ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@brooklyn.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
