Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

[fix] fixes #56: prohibit login for users with role=student for radiu…

…s authentication when disabled
  • Loading branch information...
commit 4b81b7f10d3b70abb3727a47dae3c4de06c50236 1 parent 5abf34d
@smee authored
View
8 .../java/de/thorstenberger/examServer/ws/remoteusermanager/RadiusAuthenticationProvider.java
@@ -87,9 +87,6 @@ public Authentication authenticate(final Authentication authentication)
messageSourceAccessor.getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports",
"Only UsernamePasswordAuthenticationToken is supported"));
- if (!configManager.isStudentsLoginEnabled()) {
- throw new AuthenticationServiceException("Login disabled for student role.");
- }
if (!StringUtils.isEmpty(configManager.getRadiusHost()) && !StringUtils.isEmpty(configManager.getRadiusSharedSecret())) {
@@ -103,9 +100,8 @@ public Authentication authenticate(final Authentication authentication)
userBean = getRemoteUserInfos(username, password);
- if (!userBean.getRole().equals("student")) {
- throw new AuthenticationServiceException("Only student role allowed.");
- }
+ if (userBean.getRole().equals("student") && !configManager.isStudentsLoginEnabled())
+ throw new AuthenticationServiceException("Login disabled for student role.");
try {
Please sign in to comment.
Something went wrong with that request. Please try again.