ate 2004/12/04 13:08:18
Modified:
components/security/src/java/org/apache/jetspeed/security/spi/impl
DefaultCredentialHandler.java
InternalPasswordCredentialStateHandlingInterceptor.java
Log:
Fix to support setting update required to false, even if a user hasn't
authenticated yet by also setting PreviousAuthenticationDate.
Relies on InternalPasswordCredentialStateHandlingInterceptor.afterLoad to
evaluate
both PreviousAuthenticationDate and LastAuthenticationDate == null to
determine if updateRequired has to be true.
Revision Changes Path
1.12 +8 -1
jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java
Index: DefaultCredentialHandler.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- DefaultCredentialHandler.java 25 Nov 2004 02:25:57 -0000 1.11
+++ DefaultCredentialHandler.java 4 Dec 2004 21:08:18 -0000 1.12
@@ -257,7 +257,14 @@
if ( credential != null && !credential.isExpired() &&
credential.isUpdateRequired() != updateRequired )
{
credential.setUpdateRequired(updateRequired);
- internalUser.setModifiedDate(new Timestamp(new
Date().getTime()));
+ long time = new Date().getTime();
+ credential.setModifiedDate(new Timestamp(time));
+ // temporary hack for now to support setting
passwordUpdateRequired = false
+ // for users never authenticated yet.
+ // The current
InternalPasswordCredentialStateHandlingInterceptor.afterLoad()
+ // logic will only set it (back) to true if both prev and
last auth. date is null
+ credential.setPreviousAuthenticationDate(new
Timestamp(time));
+ internalUser.setModifiedDate(new Timestamp(time));
securityAccess.setInternalUserPrincipal(internalUser, false);
}
}
1.5 +4 -2
jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/InternalPasswordCredentialStateHandlingInterceptor.java
Index: InternalPasswordCredentialStateHandlingInterceptor.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/InternalPasswordCredentialStateHandlingInterceptor.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- InternalPasswordCredentialStateHandlingInterceptor.java 25 Nov 2004
02:25:57 -0000 1.4
+++ InternalPasswordCredentialStateHandlingInterceptor.java 4 Dec 2004
21:08:18 -0000 1.5
@@ -84,7 +84,9 @@
credential.setExpirationDate(new Date(new
java.util.Date().getTime()+maxLifeSpanInMillis));
update = true;
}
- if ( !credential.isUpdateRequired() &&
credential.getLastAuthenticationDate() == null )
+ if ( !credential.isUpdateRequired() &&
+ credential.getLastAuthenticationDate() == null &&
+ credential.getPreviousAuthenticationDate() == null )
{
credential.setUpdateRequired(true);
update = true;
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
