From 5a2abbd721c7ca2fe57301e3d2bdea88e9455e53 Mon Sep 17 00:00:00 2001
From: Alex Mukha
Date: Wed, 7 Dec 2016 16:37:35 +0000
Subject: [PATCH] REPO-1687: ACE-5662: The AuthenticationServiceImpl.ProtectedUser is not suitable for clustered cache - Added additional check to avoid problems with very small usernames.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@133443 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../security/authentication/AuthenticationServiceImpl.java | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
index b91e8160f5..1d5f307d2c 100644
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
@@ -179,8 +179,11 @@ public class AuthenticationServiceImpl extends AbstractAuthenticationService imp
 if (protectedUser.getNumLogins() == protectionLimit && logger.isWarnEnabled())
 {
 // Shows only first 2 symbols of the username and masks all other character with '*'
- logger.warn(String.format(BRUTE_FORCE_ATTACK_DETECTED,
- userName.substring(0,2) + new String(new char[(userName.length() - 2)]).replace("\0", "*")));
+ if (userName.length() >= 2)
+ {
+ logger.warn(String.format(BRUTE_FORCE_ATTACK_DETECTED,
+ userName.substring(0,2) + new String(new char[(userName.length() - 2)]).replace("\0", "*")));
+ }
 }
 }
 protectedUsersCache.put(userName, protectedUser);
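Review bot: The added `if (userName.length() >= 2)` guard wraps the whole `logger.warn` call, so when the protection limit is reached for a username shorter than two characters, no BRUTE_FORCE_ATTACK_DETECTED entry is written at all. That leaves a gap in the audit trail for exactly the accounts the fix was meant to handle. Clamping the visible prefix keeps the warning and still avoids the out-of-range `substring`: `int shown = Math.min(2, userName.length());` followed by `logger.warn(String.format(BRUTE_FORCE_ATTACK_DETECTED, userName.substring(0, shown) + new String(new char[userName.length() - shown]).replace("\0", "*")));`. A one- or two-character name is still logged unmasked either way, so masking everything when the name is that short may be preferable. The enclosing method starts and ends outside this hunk, so a null `userName` could not be checked from here.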