Merge pull request #203 from apache/SHIRO-747
[SHIRO-747] FirstSuccessfulStrategy now detects empty principal correctly
diff --git a/core/src/main/java/org/apache/shiro/authc/pam/FirstSuccessfulStrategy.java b/core/src/main/java/org/apache/shiro/authc/pam/FirstSuccessfulStrategy.java
index 87cb5cc..3d332f1 100644
--- a/core/src/main/java/org/apache/shiro/authc/pam/FirstSuccessfulStrategy.java
+++ b/core/src/main/java/org/apache/shiro/authc/pam/FirstSuccessfulStrategy.java
@@ -64,7 +64,7 @@
* otherwise.
*/
public AuthenticationInfo beforeAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo aggregate) throws AuthenticationException {
- if (getStopAfterFirstSuccess() && aggregate != null && isEmpty(aggregate.getPrincipals())) {
+ if (getStopAfterFirstSuccess() && aggregate != null && !isEmpty(aggregate.getPrincipals())) {
throw new ShortCircuitIterationException();
}
return aggregate;
diff --git a/core/src/test/java/org/apache/shiro/authc/pam/FirstSuccessfulStrategyTest.java b/core/src/test/java/org/apache/shiro/authc/pam/FirstSuccessfulStrategyTest.java
index 68fe395..5f06566 100644
--- a/core/src/test/java/org/apache/shiro/authc/pam/FirstSuccessfulStrategyTest.java
+++ b/core/src/test/java/org/apache/shiro/authc/pam/FirstSuccessfulStrategyTest.java
@@ -98,10 +98,22 @@
assertNull(strategy.beforeAttempt(null, null, null));
}
- @Test (expected=ShortCircuitIterationException.class)
- public void testBeforeAttemptStopAfterFirstSuccess() {
+ @Test
+ public void testBeforeAttemptEmptyPrincipal() {
AuthenticationInfo aggregate = new SimpleAuthenticationInfo();
- strategy.beforeAttempt(null, null, aggregate);
+ assertEquals(strategy.beforeAttempt(null, null, aggregate), aggregate);
}
+ @Test
+ public void testBeforeAttemptEmptyList() {
+ SimplePrincipalCollection principalCollection = new SimplePrincipalCollection();
+ AuthenticationInfo aggregate = new SimpleAuthenticationInfo(principalCollection, null);
+ assertEquals(strategy.beforeAttempt(null, null, aggregate), aggregate);
+ }
+
+ @Test (expected=ShortCircuitIterationException.class)
+ public void testBeforeAttemptStopAfterFirstSuccess() {
+ AuthenticationInfo aggregate = new SimpleAuthenticationInfo("principal", null, "a-realm-name");
+ strategy.beforeAttempt(null, null, aggregate);
+ }
}