Fetch user roles after a successful forced binded ldap login.

Signed-off-by: JACQUES Francois <fjacques@murex.com>
2016-02-17 12:57:57 +01:00 · 2016-02-17 12:57:57 +01:00 · 1f75ab178c
parent 8068aeead9
commit 1f75ab178c
1 changed files with 22 additions and 19 deletions
--- a/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/LdapLoginModule.java
+++ b/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/LdapLoginModule.java
@ -415,11 +415,14 @@ public class LdapLoginModule extends AbstractLoginModule
                return isAuthenticated();
            }

+            boolean authed = false;
+
            if (_forceBindingLogin)
            {
-                return bindingLogin(webUserName, webCredential);
+                authed = bindingLogin(webUserName, webCredential);
            }
-
+            else
+            {
                // This sets read and the credential
                UserInfo userInfo = getUserInfo(webUserName);

@ -431,11 +434,11 @@ public class LdapLoginModule extends AbstractLoginModule

                setCurrentUser(new JAASUserInfo(userInfo));

-            boolean authed = false;            
                if (webCredential instanceof String)
                    authed = credentialLogin(Credential.getCredential((String) webCredential));
                else
                    authed = credentialLogin(webCredential);
+            }

            //only fetch roles if authenticated
            if (authed)