[ http://issues.apache.org/jira/browse/JS2-221?page=history ]
Ate Douma closed JS2-221:
-------------------------
Assign To: Ate Douma
Resolution: Fixed
Fix Version: 2.0-dev/cvs
2.0-M2
Fix applied, thanks!
> Current SecurityAccess Implementation prevent multi-authentication provider
> mechanism work
> ------------------------------------------------------------------------------------------
>
> Key: JS2-221
> URL: http://issues.apache.org/jira/browse/JS2-221
> Project: Jetspeed 2
> Type: Bug
> Components: Security
> Versions: 2.0-M2
> Environment: Microsoft Windows XP with SP2
> J2SDK 1.4.2_07
> Reporter: JamesLiao
> Assignee: Ate Douma
> Priority: Critical
> Fix For: 2.0-dev/cvs, 2.0-M2
>
> When I have two authentication providers (a database authentication provider
> and an LDAP authentication provider): the first time, I log in with a principal
> which is defined in LDAP, and I can successfully log in. The second time,
> this user's authentication provider will change to the default database,
> because J2 will create a mapping-only principal in table SECURITY_PRINCIPAL.
> Of course, I fail to log in.
> I think it should not return the database authentication provider; it should
> return the real authentication provider.
> I changed the code in class:
> org.apache.jetspeed.security.spi.impl.SecurityAccessImpl
> The original code:
> /**
>  * <p>
>  * Returns if a Internal UserPrincipal is defined for the user name.
>  * </p>
>  *
>  * @param username The user name.
>  * @return true if the user is known
>  */
> public boolean isKnownUser(String username)
> {
>     UserPrincipal userPrincipal = new UserPrincipalImpl(username);
>     String fullPath = userPrincipal.getFullPath();
>     // Get user.
>     Criteria filter = new Criteria();
>     filter.addEqualTo("fullPath", fullPath);
>     Query query = QueryFactory.newQuery(InternalUserPrincipalImpl.class, filter);
>     return getPersistenceBrokerTemplate().getCount(query) == 1;
> }
> Code after I modified it:
> /**
>  * <p>
>  * Returns if a Internal UserPrincipal is defined for the user name.
>  * The Jetspeed 2 implementation does not distinguish if this user
>  * is a Mapping_Only user. I think we have to distinguish it because it will
>  * return the wrong Authentication Provider.
>  *
>  * An alternative solution is: we bind the username and Authentication Provider
>  * on the first login, then cache it in memory or something,
>  * then we don't need to change here.
>  * </p>
>  *
>  * @param username The user name.
>  * @return true if the user is known
>  */
> public boolean isKnownUser(String username) {
>     UserPrincipal userPrincipal = new UserPrincipalImpl(username);
>     String fullPath = userPrincipal.getFullPath();
>     // Get user.
>     Criteria filter = new Criteria();
>     // fullPath must be equal.
>     filter.addEqualTo("fullPath", fullPath);
>     // The isMappingOnly must not be true.
>     // We don't need the mapping only user, mapping user can't be
>     // authenticated with this provider.
>     // we just need the true user.
>     filter.addEqualTo("isMappingOnly", Boolean.FALSE);
>     Query query = QueryFactory.newQuery(InternalUserPrincipalImpl.class, filter);
>     return getPersistenceBrokerTemplate().getCount(query) == 1;
> }
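The provider mix-up described in the report, reduced to an in-memory model that runs both versions of the check through two consecutive logins. This is an added example, not code from Jetspeed or from the reporter: the class, the maps, the `login` helper and the user `alice` are hypothetical, and it assumes the default database provider is consulted first through `isKnownUser` and that a successful LDAP login leaves a mapping-only principal row behind.

```java
import java.util.HashMap;
import java.util.Map;

/** Simplified in-memory model of the behaviour reported in JS2-221 (not Jetspeed code). */
public class MappingOnlyProviderDemo {
    // Stand-in for table SECURITY_PRINCIPAL: user name -> isMappingOnly flag.
    static final Map<String, Boolean> principals = new HashMap<>();
    // Constructed LDAP directory: user name -> password.
    static final Map<String, String> ldap = new HashMap<>();
    // Constructed database credentials: user name -> password.
    static final Map<String, String> dbCredentials = new HashMap<>();

    /** Original check: any principal row counts as a known database user. */
    static boolean isKnownUserOriginal(String user) {
        return principals.containsKey(user);
    }

    /** Modified check: rows flagged as mapping-only are ignored. */
    static boolean isKnownUserFixed(String user) {
        return Boolean.FALSE.equals(principals.get(user));
    }

    /** Picks a provider, authenticates, and records a mapping-only row after an LDAP login. */
    static String login(String user, String password, boolean fixed) {
        boolean known = fixed ? isKnownUserFixed(user) : isKnownUserOriginal(user);
        if (known) {
            // Assumption: the default database provider wins when the user is "known".
            return password.equals(dbCredentials.get(user)) ? "database: OK" : "database: FAILED";
        }
        if (password.equals(ldap.get(user))) {
            principals.putIfAbsent(user, Boolean.TRUE); // mapping-only principal
            return "ldap: OK";
        }
        return "ldap: FAILED";
    }

    public static void main(String[] args) {
        ldap.put("alice", "s3cret"); // constructed sample account, defined in LDAP only
        for (boolean fixed : new boolean[] {false, true}) {
            principals.clear();
            System.out.println(fixed ? "modified check" : "original check");
            System.out.println("  1st login -> " + login("alice", "s3cret", fixed));
            System.out.println("  2nd login -> " + login("alice", "s3cret", fixed));
        }
    }
}
```

With the original check the second login is routed to the database provider, which holds no credential for the LDAP user; with the `isMappingOnly` filter both logins stay on LDAP.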