Skip to content
Permalink
Browse files
[JENKINS-35031] Not check password if it is NO_AUTHENTICATION (#36)
[JENKINS-35031] Not check password if it is NO_AUTHENTICATION
  • Loading branch information
fbelzunc committed Jun 6, 2016
1 parent 600ab1c commit c04fc160d7cbf4f616109190ac3df7dcc1a02970
Showing 1 changed file with 4 additions and 2 deletions.
@@ -43,6 +43,7 @@
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang.StringUtils;

import javax.naming.NamingEnumeration;
@@ -228,9 +229,10 @@ private List<SocketInfo> obtainLDAPServers(String domainName) throws Authenticat
@SuppressFBWarnings(value = "ES_COMPARING_PARAMETER_STRING_WITH_EQ", justification = "Intentional instance check.")
public UserDetails retrieveUser(final String username, final String password, final String domainName, final List<SocketInfo> ldapServers) {
UserDetails userDetails;
String hashKey = username + "@@" + DigestUtils.sha1Hex(password);
try {
final ActiveDirectoryUserDetail[] cacheMiss = new ActiveDirectoryUserDetail[1];
userDetails = userCache.get(username, new Callable<UserDetails>() {
userDetails = userCache.get(hashKey, new Callable<UserDetails>() {
public UserDetails call() throws AuthenticationException {
DirContext context;
boolean anonymousBind = false; // did we bind anonymously?
@@ -350,7 +352,7 @@ public UserDetails call() throws AuthenticationException {
}
// We need to check the password when the user is cached so it doesn't get automatically authenticated
// without verifying the credentials
if (password != null && userDetails != null && !password.equals(userDetails.getPassword())) {
if (password != null && !password.equals(NO_AUTHENTICATION) && userDetails != null && !password.equals(userDetails.getPassword())) {
throw new BadCredentialsException("Failed to retrieve user information from the cache for "+ username);
}
return userDetails;

0 comments on commit c04fc16

Please sign in to comment.