Re: [xwiki-devs] [xwiki-notifications] r26408 - in platform/core/trunk/xwiki-core/src/main: java/com/xpn/xwiki/user/impl/LDAP java/com/xpn/xwiki/user/impl/xwiki resources

27 Jan 2010

On Tue, Jan 26, 2010 at 17:04, Sergiu Dumitriu &lt;sergiu(a)xwiki.com&gt; wrote:
...
  On 01/26/2010 03:20 PM, vmassol (SVN) wrote:
  Author: vmassol
 Date: 2010-01-26 15:20:55 +0100 (Tue, 26 Jan 2010)
 New Revision: 26408

 Modified:
    
platform/core/trunk/xwiki-core/src/main/java/com/xpn/xwiki/user/impl/LDAP/XWikiLDAPAuthServiceImpl.java
    
platform/core/trunk/xwiki-core/src/main/java/com/xpn/xwiki/user/impl/xwiki/AbstractXWikiAuthService.java
    
platform/core/trunk/xwiki-core/src/main/java/com/xpn/xwiki/user/impl/xwiki/XWikiAuthServiceImpl.java
     platform/core/trunk/xwiki-core/src/main/resources/ApplicationResources.properties
 Log:
 XWIKI-2261: Don't give password hints 
 Actually I would leave the nousername/nopassword messages, since this is
 a known fact that doesn't give any hints about the existence of the user. 
+1

...
 
  Modified:
platform/core/trunk/xwiki-core/src/main/java/com/xpn/xwiki/user/impl/LDAP/XWikiLDAPAuthServiceImpl.java
 ===================================================================
 ---
platform/core/trunk/xwiki-core/src/main/java/com/xpn/xwiki/user/impl/LDAP/XWikiLDAPAuthServiceImpl.java
  2010-01-26 14:14:24 UTC (rev 26407)
 +++
platform/core/trunk/xwiki-core/src/main/java/com/xpn/xwiki/user/impl/LDAP/XWikiLDAPAuthServiceImpl.java
  2010-01-26 14:20:55 UTC (rev 26408)
 @@ -115,7 +115,7 @@

           // Check for empty usernames
           if (login.equals("")) {
 -            context.put("message", "nousername");
 +            context.put("message", "invalidcredentials");

               if (LOG.isDebugEnabled()) {
                   LOG.debug("LDAP authentication failed: login empty");
 @@ -126,7 +126,7 @@

           // Check for empty passwords
           if ((password == null) || (password.trim().equals(""))) {
 -            context.put("message", "nopassword");
 +            context.put("message", "invalidcredentials");

               if (LOG.isDebugEnabled()) {
                   LOG.debug("LDAP authentication failed: password null or
empty");

 Modified:
platform/core/trunk/xwiki-core/src/main/java/com/xpn/xwiki/user/impl/xwiki/XWikiAuthServiceImpl.java
 ===================================================================
 ---
platform/core/trunk/xwiki-core/src/main/java/com/xpn/xwiki/user/impl/xwiki/XWikiAuthServiceImpl.java
     2010-01-26 14:14:24 UTC (rev 26407)
 +++
platform/core/trunk/xwiki-core/src/main/java/com/xpn/xwiki/user/impl/xwiki/XWikiAuthServiceImpl.java
     2010-01-26 14:20:55 UTC (rev 26408)
 @@ -423,13 +423,13 @@

           // Check for empty usernames
           if (cannonicalUsername.equals("")) {
 -            context.put("message", "nousername");
 +            context.put("message", "invalidcredentials");
               return null;
           }

           // Check for empty passwords
           if ((password == null) || (password.trim().equals(""))) {
 -            context.put("message", "nopassword");
 +            context.put("message", "invalidcredentials");
               return null;
           }
 
 --
 Sergiu Dumitriu
 http://purl.org/net/sergiu/
 _______________________________________________
 devs mailing list
 devs(a)xwiki.org
 http://lists.xwiki.org/mailman/listinfo/devs
 

-- 
Thomas Mortagne

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Re: [xwiki-devs] [xwiki-notifications] r26408 - in platform/core/trunk/xwiki-core/src/main: java/com/xpn/xwiki/user/impl/LDAP java/com/xpn/xwiki/user/impl/xwiki resources