fix exception on login, if an external authenticator returns a changed user object

2025-11-09 15:05:44 +01:00 · 2014-01-29 12:46:14 +01:00
parent b05cf39df8
commit 74661789f8
1 changed files with 11 additions and 7 deletions
--- a/scm-webapp/src/main/java/sonia/scm/security/ScmRealm.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/ScmRealm.java
@@ -121,9 +121,8 @@ public class ScmRealm extends AuthorizingRealm
   */
  @Inject
  public ScmRealm(ScmConfiguration configuration,
-    LoginAttemptHandler loginAttemptHandler,
-    AuthorizationCollector collector,UserManager userManager, 
-    GroupManager groupManager, UserDAO userDAO, 
+    LoginAttemptHandler loginAttemptHandler, AuthorizationCollector collector,
+    UserManager userManager, GroupManager groupManager, UserDAO userDAO,
    AuthenticationManager authenticator, RepositoryManager manager,
    Provider<HttpServletRequest> requestProvider,
    Provider<HttpServletResponse> responseProvider)
@@ -150,8 +149,6 @@ public class ScmRealm extends AuthorizingRealm
    setPermissionResolver(new RepositoryPermissionResolver());
  }

-  private final LoginAttemptHandler loginAttemptHandler;
-
  //~--- methods --------------------------------------------------------------

  /**
@@ -198,6 +195,7 @@ public class ScmRealm extends AuthorizingRealm
    else
    {
      loginAttemptHandler.onUnsuccessfulAuthentication(authToken, result);
+
      throw new AccountException("authentication failed");
    }

@@ -362,7 +360,10 @@ public class ScmRealm extends AuthorizingRealm
    // modify existing user, copy properties except password and admin
    if (user.copyProperties(dbUser, false))
    {
-      userManager.modify(dbUser);
+      user.setLastModified(System.currentTimeMillis());
+      UserEventHack.fireEvent(userManager, user, HandlerEvent.BEFORE_MODIFY);
+      userDAO.modify(user);
+      UserEventHack.fireEvent(userManager, user, HandlerEvent.MODIFY);
    }
  }

@@ -547,6 +548,9 @@ public class ScmRealm extends AuthorizingRealm
  /** Field description */
  private final GroupManager groupManager;

+  /** Field description */
+  private final LoginAttemptHandler loginAttemptHandler;
+
  /** Field description */
  private final Provider<HttpServletRequest> requestProvider;