[fix] fixes #56: prohibit login for users with role=student for radiu…

…s authentication when disabled
smee · Aug 30, 2010 · 4b81b7f · 4b81b7f
1 parent 5abf34d
commit 4b81b7f
Showing 1 changed file with 2 additions and 6 deletions.
diff --git a/.../java/de/thorstenberger/examServer/ws/remoteusermanager/RadiusAuthenticationProvider.java b/.../java/de/thorstenberger/examServer/ws/remoteusermanager/RadiusAuthenticationProvider.java
@@ -87,9 +87,6 @@ public Authentication authenticate(final Authentication authentication)
         messageSourceAccessor.getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports",
         "Only UsernamePasswordAuthenticationToken is supported"));
 
-    if (!configManager.isStudentsLoginEnabled()) {
-      throw new AuthenticationServiceException("Login disabled for student role.");
-    }
 
     if (!StringUtils.isEmpty(configManager.getRadiusHost()) && !StringUtils.isEmpty(configManager.getRadiusSharedSecret())) {
 
@@ -103,9 +100,8 @@ public Authentication authenticate(final Authentication authentication)
 
         userBean = getRemoteUserInfos(username, password);
 
-        if (!userBean.getRole().equals("student")) {
-          throw new AuthenticationServiceException("Only student role allowed.");
-        }
+        if (userBean.getRole().equals("student") && !configManager.isStudentsLoginEnabled())
+            throw new AuthenticationServiceException("Login disabled for student role.");
 
         try {