Revert "SONAR-3968 Sonar should not allow any login with a blank password even when...

author Julien Lancelot <julien.lancelot@gmail.com>

Fri, 30 Nov 2012 10:29:43 +0000 (11:29 +0100)

committer Julien Lancelot <julien.lancelot@gmail.com>

Fri, 30 Nov 2012 10:29:43 +0000 (11:29 +0100)
author Julien Lancelot <julien.lancelot@gmail.com>
Fri, 30 Nov 2012 10:29:43 +0000 (11:29 +0100)
committer Julien Lancelot <julien.lancelot@gmail.com>
Fri, 30 Nov 2012 10:29:43 +0000 (11:29 +0100)
diff --git a/plugins/sonar-core-plugin/src/main/resources/org/sonar/l10n/core.properties b/plugins/sonar-core-plugin/src/main/resources/org/sonar/l10n/core.properties

index ab22ca13791cf439e11b6008dd622980e2088e12..b6e1241c9503a3e79a3f9e6ac0192f715f917efc 100644 (file)
--- a/plugins/sonar-core-plugin/src/main/resources/org/sonar/l10n/core.properties
+++ b/plugins/sonar-core-plugin/src/main/resources/org/sonar/l10n/core.properties
@@ -378,7 +378,6 @@ sessions.confirm_password=Confirm password
  sessions.sign_up=Sign up
  sessions.old_account=<a href="{0}" tabindex="-1">Log in</a> if you already have an account.
  session.flash_notice.authentication_failed=Authentication failed.
-session.flash_notice.empty_password=Password can't be blank.
  session.flash_notice.logged_out=You have been logged out.
  
  #------------------------------------------------------------------------------
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb b/sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb

index 4b56c58b76cd0ae0517e22e22900fc8e7098a0e0..3098ad32268629985d130c8bd91b002c3af5eece 100644 (file)
--- a/sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb
@@ -26,19 +26,16 @@ class SessionsController < ApplicationController
    
    def login
      return unless request.post?
-    if params[:password].blank?
-      flash.now[:loginerror] = message('session.flash_notice.empty_password')
-    else
-      self.current_user = User.authenticate(params[:login], params[:password], servlet_request)
-      if logged_in?
-        if params[:remember_me] == '1'
-          self.current_user.remember_me
-          cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
-        end
-        redirect_back_or_default(home_url)
-      else
-        flash.now[:loginerror] = message('session.flash_notice.authentication_failed')
+
+    self.current_user = User.authenticate(params[:login], params[:password], servlet_request)
+    if logged_in?
+      if params[:remember_me] == '1'
+        self.current_user.remember_me
+        cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
        end
+      redirect_back_or_default(home_url)
+    else
+      flash.now[:loginerror] = message('session.flash_notice.authentication_failed')
      end
    end
  
diff --git a/sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb b/sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb

index 7c2a5fd405027df3ba6290555053fe7645f8f2e4..7e3ffd3a7e021da099652f7f6c57dd9259fabcb7 100644 (file)
--- a/sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb
@@ -49,28 +49,26 @@ class PluginRealm
    end
  
    def authenticate?(username, password, servlet_request)
-    unless password.blank?
-      details=nil
-      if @java_users_provider
-        begin
-          provider_context = org.sonar.api.security.ExternalUsersProvider::Context.new(username, servlet_request)
-          details = @java_users_provider.doGetUserDetails(provider_context)
-        rescue Exception => e
-          Rails.logger.error("Error from external users provider: #{e.message}")
-          @save_password ? fallback(username, password) : false
+    details=nil
+    if @java_users_provider
+      begin
+        provider_context = org.sonar.api.security.ExternalUsersProvider::Context.new(username, servlet_request)
+        details = @java_users_provider.doGetUserDetails(provider_context)
+      rescue Exception => e
+        Rails.logger.error("Error from external users provider: #{e.message}")
+        @save_password ? fallback(username, password) : false
+      else
+        if details
+          # User exist in external system
+          auth(username, password, servlet_request, details)
          else
-          if details
-            # User exist in external system
-            auth(username, password, servlet_request, details)
-          else
-            # No such user in external system
-            fallback(username, password)
-          end
+          # No such user in external system
+          fallback(username, password)
          end
-      else
-        # Legacy authenticator
-        auth(username, password, servlet_request, nil)
        end
+    else
+      # Legacy authenticator
+      auth(username, password, servlet_request, nil)
      end
    end
author	Julien Lancelot <julien.lancelot@gmail.com>
	Fri, 30 Nov 2012 10:29:43 +0000 (11:29 +0100)
committer	Julien Lancelot <julien.lancelot@gmail.com>
	Fri, 30 Nov 2012 10:29:43 +0000 (11:29 +0100)
plugins/sonar-core-plugin/src/main/resources/org/sonar/l10n/core.properties		patch \| blob \| history
sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb		patch \| blob \| history
sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb		patch \| blob \| history