From a50c9afbab7f9fdb1290c30cbaa2e1ed1fd1a736 Mon Sep 17 00:00:00 2001
From: Rob Winch <rwinch@gmail.com>
Date: Sun, 6 Mar 2011 19:01:13 -0600
Subject: [PATCH] Modified jaas sample's LoginModule to prevent empty string
 username/password

---
 .../java/samples/jaas/UsernameEqualsPasswordLoginModule.java   | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/samples/jaas/src/main/java/samples/jaas/UsernameEqualsPasswordLoginModule.java b/samples/jaas/src/main/java/samples/jaas/UsernameEqualsPasswordLoginModule.java
index 56b2d2a838..369278e13c 100644
--- a/samples/jaas/src/main/java/samples/jaas/UsernameEqualsPasswordLoginModule.java
+++ b/samples/jaas/src/main/java/samples/jaas/UsernameEqualsPasswordLoginModule.java
@@ -71,6 +71,9 @@ public class UsernameEqualsPasswordLoginModule implements LoginModule {
         if (username == null || !username.equals(password)) {
             throw new LoginException("username is not equal to password");
         }
+        if("".equals(username)) {
+            throw new LoginException("username cannot be empty string");
+        }
 
         subject.getPrincipals().add(new UsernamePrincipal(username));
         return true;