From b6a306a6b8f443b001f477390c33f07e1ad7e6fc Mon Sep 17 00:00:00 2001
From: Jan Bartel <janb@intalio.com>
Date: Tue, 29 Oct 2013 12:24:03 +1100
Subject: [PATCH] 420530 AbstractLoginModule never fails a login

Conflicts:
	jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/AbstractLoginModule.java
	jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/PropertyFileLoginModule.java
---
 .../jetty/jaas/spi/AbstractLoginModule.java   | 30 ++++++++++++++-----
 .../jaas/spi/PropertyFileLoginModule.java     |  7 +++--
 2 files changed, 26 insertions(+), 11 deletions(-)

diff --git a/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/AbstractLoginModule.java b/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/AbstractLoginModule.java
index 20646e2e714..4e6c700b062 100644
--- a/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/AbstractLoginModule.java
+++ b/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/AbstractLoginModule.java
@@ -31,6 +31,7 @@ import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.FailedLoginException;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 
@@ -199,9 +200,14 @@ public abstract class AbstractLoginModule implements LoginModule
         callbacks[2] = new PasswordCallback("Enter password", false); //only used if framework does not support the ObjectCallback
         return callbacks;
     }
-
-
-
+    
+    
+    public boolean isIgnored ()
+    {
+        return false;
+    }
+    
+    
     public abstract UserInfo getUserInfo (String username) throws Exception;
 
 
@@ -214,7 +220,10 @@ public abstract class AbstractLoginModule implements LoginModule
     public boolean login() throws LoginException
     {
         try
-        {
+        {  
+            if (isIgnored())
+                return false;
+            
             if (callbackHandler == null)
                 throw new LoginException ("No callback handler");
 
@@ -231,7 +240,7 @@ public abstract class AbstractLoginModule implements LoginModule
             if ((webUserName == null) || (webCredential == null))
             {
                 setAuthenticated(false);
-                return isAuthenticated();
+                throw new FailedLoginException();
             }
 
             UserInfo userInfo = getUserInfo(webUserName);
@@ -239,12 +248,16 @@ public abstract class AbstractLoginModule implements LoginModule
             if (userInfo == null)
             {
                 setAuthenticated(false);
-                return isAuthenticated();
+                throw new FailedLoginException();
             }
 
             currentUser = new JAASUserInfo(userInfo);
             setAuthenticated(currentUser.checkCredential(webCredential));
-            return isAuthenticated();
+          
+            if (isAuthenticated())
+                return true;
+            else
+                throw new FailedLoginException();
         }
         catch (IOException e)
         {
@@ -256,7 +269,8 @@ public abstract class AbstractLoginModule implements LoginModule
         }
         catch (Exception e)
         {
-            e.printStackTrace();
+            if (e instanceof LoginException)
+                throw (LoginException)e;
             throw new LoginException (e.toString());
         }
     }
diff --git a/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/PropertyFileLoginModule.java b/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/PropertyFileLoginModule.java
index 028e4f269dc..69ea3e9a600 100644
--- a/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/PropertyFileLoginModule.java
+++ b/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/PropertyFileLoginModule.java
@@ -112,9 +112,10 @@ public class PropertyFileLoginModule extends AbstractLoginModule
         PropertyUserStore propertyUserStore = _propertyUserStores.get(_filename);
         if (propertyUserStore == null)
             throw new IllegalStateException("PropertyUserStore should never be null here!");
-
+        
+        LOG.debug("Checking PropertyUserStore "+_filename+" for "+userName);
         UserIdentity userIdentity = propertyUserStore.getUserIdentity(userName);
-        if(userIdentity==null)
+        if (userIdentity==null)
             return null;
 
         Set<Principal> principals = userIdentity.getSubject().getPrincipals();
@@ -127,7 +128,7 @@ public class PropertyFileLoginModule extends AbstractLoginModule
         }
 
         Credential credential = (Credential)userIdentity.getSubject().getPrivateCredentials().iterator().next();
-        LOG.debug("Found: " + userName + " in PropertyUserStore");
+        LOG.debug("Found: " + userName + " in PropertyUserStore "+_filename);
         return new UserInfo(userName, credential, roles);
     }