[OFBiz] SVN: r6694 - trunk/applications/securityext/src/org/ofbiz/securityext/login

[jonesde@svn.ofbiz.org]

Author: jonesde
Date: 2006-02-06 16:18:55 -0600 (Mon, 06 Feb 2006)
New Revision: 6694

Modified:
   trunk/applications/securityext/src/org/ofbiz/securityext/login/LoginEvents.java
Log:
Changed login service so that request attributes for USERNAME and PASSWORD can override values in request parameters or session attributes

Modified: trunk/applications/securityext/src/org/ofbiz/securityext/login/LoginEvents.java
===================================================================
--- trunk/applications/securityext/src/org/ofbiz/securityext/login/LoginEvents.java	2006-02-06 21:39:32 UTC (rev 6693)
+++ trunk/applications/securityext/src/org/ofbiz/securityext/login/LoginEvents.java	2006-02-06 22:18:55 UTC (rev 6694)
@@ -195,6 +195,14 @@
 
         if (username == null) username = (String) session.getAttribute("USERNAME");
         if (password == null) password = (String) session.getAttribute("PASSWORD");
+        
+        // allow a username and/or password in a request attribute to override the request parameter or the session attribute; this way a preprocessor can play with these a bit...
+        if (UtilValidate.isNotEmpty((String) request.getAttribute("USERNAME"))) {
+        	username = (String) request.getAttribute("USERNAME");
+        }
+        if (UtilValidate.isNotEmpty((String) request.getAttribute("PASSWORD"))) {
+        	password = (String) request.getAttribute("PASSWORD");
+        }
 
         List unpwErrMsgList = FastList.newInstance();
         if (UtilValidate.isEmpty(username)) {