[
https://issues.apache.org/jira/browse/FTPSERVER-183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Niklas Gustavsson updated FTPSERVER-183:
----------------------------------------
Fix Version/s: 1.0-M4
Assignee: Niklas Gustavsson
> DBUserManager and PropertiesUserManager are not storing the password in the
> User object after in "authenticate()"
> ------------------------------------------------------------------------------------------------------------------
>
> Key: FTPSERVER-183
> URL: https://issues.apache.org/jira/browse/FTPSERVER-183
> Project: FtpServer
> Issue Type: Bug
> Components: Core
> Affects Versions: 1.0-M4
> Reporter: David Latorre
> Assignee: Niklas Gustavsson
> Priority: Minor
> Fix For: 1.0-M4
>
> Attachments: UserManagers.patch
>
>
> I suppose that as a result of the change in the strategy to encrypt passwords
> in DBUserManager, getUserByName() -called by the authenticate() method -
> returns an User object with the password field unset.
> When trying to use the "save" method , this line throws a
> NullPointerException
> map.put(ATTR_PASSWORD,
> escapeString(passwordEncryptor.encrypt(user.getPassword())));
> My reason to use this method is that I call DBUserManager.save() to update
> the user in the database with last-login information.
> I'm providing a patch although maybe there's a more elegant solution. The
> same modification is done in PropertiesUserManager for coherence.
> Important Note: with my provided path , the user's password should not be
> included in the WHERE query of "updateStatement" as there's a chance that for
> a PasswordEncryptor, the result of passwordEncryptor.encrypt is not the
> same as the stored password even if matches() returns true.
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
