From 6a579fa1235307bda8ca747adbdfee018105ed14 Mon Sep 17 00:00:00 2001
From: Alex Eng <aeng@redhat.com>
Date: Thu, 17 Jan 2013 10:45:29 +1000
Subject: [PATCH] Fix Kerberos login issue: user can login even account is
 disabled

---
 .../main/java/org/zanata/security/AuthenticationManager.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/zanata-war/src/main/java/org/zanata/security/AuthenticationManager.java b/zanata-war/src/main/java/org/zanata/security/AuthenticationManager.java
index e3cb047707..e3fe22cd94 100644
--- a/zanata-war/src/main/java/org/zanata/security/AuthenticationManager.java
+++ b/zanata-war/src/main/java/org/zanata/security/AuthenticationManager.java
@@ -160,7 +160,7 @@ public void kerberosLogin()
       {
          SpNegoIdentity spNegoIdentity = (SpNegoIdentity) Component.getInstance(SpNegoIdentity.class, ScopeType.SESSION);
          spNegoIdentity.authenticate();
-         if (!isNewUser() && !isAuthenticatedAccountWaitingForActivation())
+         if (!isNewUser() && !isAuthenticatedAccountWaitingForActivation() && isAccountEnabledAndActivated())
          {
             spNegoIdentity.login();
             this.onLoginCompleted(AuthenticationType.KERBEROS);