[Yanel-commits] rev 22932 - public/yanel/trunk/src/core/java/org/wyona/yanel/servlet

josias at wyona.com josias at wyona.com
Fri Feb 23 23:25:32 CET 2007


Author: josias
Date: 2007-02-23 23:25:31 +0100 (Fri, 23 Feb 2007)
New Revision: 22932

Modified:
   public/yanel/trunk/src/core/java/org/wyona/yanel/servlet/YanelServlet.java
Log:
use new user api for the login code

Modified: public/yanel/trunk/src/core/java/org/wyona/yanel/servlet/YanelServlet.java
===================================================================
--- public/yanel/trunk/src/core/java/org/wyona/yanel/servlet/YanelServlet.java	2007-02-23 21:38:25 UTC (rev 22931)
+++ public/yanel/trunk/src/core/java/org/wyona/yanel/servlet/YanelServlet.java	2007-02-23 22:25:31 UTC (rev 22932)
@@ -60,6 +60,7 @@
 import org.wyona.security.core.api.IdentityManager;
 import org.wyona.security.core.api.PolicyManager;
 import org.wyona.security.core.api.Role;
+import org.wyona.security.core.api.User;
 
 import org.apache.log4j.Category;
 import org.apache.xalan.transformer.TransformerIdentityImpl;
@@ -971,8 +972,9 @@
                 String password = up[1];
                 log.debug("username: " + username + ", password: " + password);
                 try {
-                    if (realm.getIdentityManager().authenticate(username, password)) {
-                        authorized = realm.getPolicyManager().authorize(path, new Identity(username, null), new Role("view"));
+                    User user = realm.getIdentityManager().getUserManager().getUser(username);
+                    if (user != null && user.authenticate(password)) {
+                        authorized = realm.getPolicyManager().authorize(path, new Identity(user), new Role("view"));
                         if(authorized) {
                             return null;
                         } else {
@@ -1244,7 +1246,7 @@
                         sb.append("      </prop>\n");
                         sb.append("      <status>HTTP/1.1 200 OK</status>\n");
                         sb.append("    </propstat>\n");
-  		        sb.append("  </response>\n");
+                        sb.append("  </response>\n");
                     } else {
                         log.error("Neither collection nor resource: " + children[i].getPath());
                     }
@@ -1290,9 +1292,10 @@
             if(loginUsername != null) {
                 HttpSession session = request.getSession(true);
                 try {
-                    if (realm.getIdentityManager().authenticate(loginUsername, request.getParameter("yanel.login.password"))) {
+                    User user = realm.getIdentityManager().getUserManager().getUser(loginUsername);
+                    if (user != null && user.authenticate(request.getParameter("yanel.login.password"))) {
                         log.debug("Realm: " + realm);
-                        session.setAttribute(IDENTITY_KEY, new Identity(loginUsername, null));
+                        session.setAttribute(IDENTITY_KEY, new Identity(user));
                         return null;
                     } else {
                         log.warn("Login failed: " + loginUsername);
@@ -1341,10 +1344,10 @@
                 if (username != null) {
                     HttpSession session = request.getSession(true);
                     log.debug("Realm ID: " + realm.getID());
-                    
-                    if (realm.getIdentityManager().authenticate(username, password)) {
+                    User user = realm.getIdentityManager().getUserManager().getUser(username);
+                    if (user != null && user.authenticate(password)) {
                         log.info("Authentication successful: " + username);
-                        session.setAttribute(IDENTITY_KEY, new Identity(username, null));
+                        session.setAttribute(IDENTITY_KEY, new Identity(user));
 
                         // TODO: send some XML content, e.g. <authentication-successful/>
                         response.setContentType("text/plain; charset=" + DEFAULT_ENCODING);




More information about the Yanel-commits mailing list