Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-03-04 12:29:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Modified jaas sample's LoginModule to prevent empty string username/password

Browse Source
This commit is contained in:
Rob Winch 2011-03-06 19:01:13 -06:00
parent 9e5d35235c
commit a50c9afbab
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
samples/jaas/src/main/java/samples/jaas/UsernameEqualsPasswordLoginModule.java
View File

@ -71,6 +71,9 @@ public class UsernameEqualsPasswordLoginModule implements LoginModule {
if (username == null || !username.equals(password)) { if (username == null || !username.equals(password)) {
throw new LoginException("username is not equal to password"); throw new LoginException("username is not equal to password");
} }
if("".equals(username)) {
throw new LoginException("username cannot be empty string");
}
subject.getPrincipals().add(new UsernamePrincipal(username)); subject.getPrincipals().add(new UsernamePrincipal(username));
return true; return true;