About JdbcAuthenticationManager

2008-12-11
2013-05-08
  • sweet yonce
    sweet yonce
    2008-12-11

    Hi,Charles:
    I find a problem when I update a principal(RolePrincipal), because I modified the permissions of sepecial principal, the JdbcAuthenticationManager will invoke updatePrincipal(String oldName, Principal principal) method,this method segment like this:
    if (oldName.equals(principal.getName()) {
       return;
    }

    But the 'oldName' always be like this"guest",  'principal.getName()' always be like this
    "applicationName#guest",so it will execute the code:
                     
                      Connection connection = null;
            PreparedStatement pst = null;
            try {
                connection = connectionFactory.getConnection();
                pst = connection.prepareStatement(properties
                        .getProperty("UPDATE_PRINCIPAL"));
                pst.setString(1, principal.getName());
                pst.setString(2, oldName);
                pst.setString(3, applicationName);
                pst.executeUpdate();
                pst.close();

            } catch (SQLException e) {
                logger.log(Level.SEVERE,
                        "updatePrincipal(String oldName, Principal principal)", e);
                throw new AuthenticationException(e);
            } finally {
                try {
                    connection.close();
                } catch (SQLException e) {
                    logger.log(Level.SEVERE,
                            "updatePrincipal(String oldName, Principal principal)",
                            e);
                    throw new AuthenticationException(e);
                }
            }

            // if the database update is right, we can update the in memory
            // reference
            Principal oldPal = (Principal) localPrincipals.remove(oldName);
            localPrincipalsSet.remove(oldPal);
            localPrincipals.put(principal.getName(), principal);
            localPrincipalsSet.add(principal);
        }
    }
    if it executed above codes ,the jg_principal 's 'name' field will changed to 'appliaction#guest', and there will be a error when I visit application as 'guest' principal.
    So I modified this method segment like this:

    if (oldName.equals(((RolePrincipal) principal).getLocalName())) {
         return;
    }

    and problem don't happen any more, but I am not sure that it don't happen at other place.
    please help me.

    Thanks .

     
    • Hi Yonce,
      You registered a bug for it? Is the best way to help Charles to improve the jGuard. Anyway, congratulations for you effort!

      []'s
      Vinícius Pitta Lima de Araújo
      http://www.viniciusaraujo.net

       
      • Charles Lescot
        Charles Lescot
        2009-02-06

        Hi,
        please note that the future jguard 2.0 release, won't include anymore a JdbcAuthenticationManager but an HibernateAuthenticationManager.

        hope it helps,

        Charles.