CryptedSimpleCredentials uses .matches on userid for equality test
------------------------------------------------------------------
Key: JCR-2489
URL: https://issues.apache.org/jira/browse/JCR-2489
Project: Jackrabbit Content Repository
Issue Type: Bug
Components: jackrabbit-core
Affects Versions: 1.5.7
Reporter: Nicholas Stuart
CryptedSimpleCredentials use getUserId().matches(cred.getUserId()) to match the
userID values, but this uses a regex so it's kind of dangerous to have this
here, and actually fails if say, the username has a + in it.
Is there a reason why .equals() is not used?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
