*/
public Principal authenticate(String username, String credentials) {
- // No user - can't possibly authenticate, don't bother the database then
- if (username == null) {
+ // No user or no credentials
+ // Can't possibly authenticate, don't bother the database then
+ if (username == null || credentials == null) {
return null;
}
String username,
String credentials) {
- // No user - can't possibly authenticate
- if (username == null) {
- return (null);
+ // No user or no credentials
+ // Can't possibly authenticate, don't bother the database then
+ if (username == null || credentials == null) {
+ return null;
}
// Look up the user's credentials
GenericPrincipal principal = principals.get(username);
boolean validated = false;
- if (principal != null) {
+ if (principal != null && credentials != null) {
if (hasMessageDigest()) {
// Hex hashes should be compared case-insensitive
validated = (digest(credentials)
projects / tomcat7.0 / commitdiff