commit - 55f65d3737aa52ef16b59d5e1505e26f6653586b
commit + fd927aab445ad88006ae9ac70783927523f5ae8a
blob - c5667afd129b86653c2e164d411632fba01fe241
blob + 538d419e61b3934430d05ebeeeb06428151f3fa1
--- src/org/snipsnap/container/DefaultSessionService.java
+++ src/org/snipsnap/container/DefaultSessionService.java
package org.snipsnap.container;
import org.radeox.util.logging.Logger;
-import snipsnap.api.storage.UserStorage;
import org.snipsnap.snip.HomePage;
import org.snipsnap.user.AuthenticationService;
import org.snipsnap.user.Digest;
import org.snipsnap.util.X509NameTokenizer;
import snipsnap.api.app.Application;
import snipsnap.api.config.Configuration;
+import snipsnap.api.container.Components;
import snipsnap.api.snip.SnipSpace;
+import snipsnap.api.storage.UserStorage;
import snipsnap.api.user.User;
-import snipsnap.api.container.Components;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
user = authService.authenticate(login, password);
if (user == null) {
- response.setHeader("WWW-Authenticate", "Basic realm=\"SnipSnap\"");
+ response.setHeader("WWW-Authenticate", "Basic realm=\"" + Application.get().getConfiguration().getName() + "\"");
response.setStatus(HTTP_UNAUTHORIZED);
return null;
}
UserManager um = (UserManager) Components.getComponent(UserManager.class);
user = authService.authenticate(uid);
// create a user and home page for new logins
- if(null == user) {
+ if (null == user) {
// set password to "*", if we switch back to Cookie auth service
// this is no problem as the users password is expected to be encrypted
// switching to Basic auth poses a security risk as it compares unencrypted
