a290e1fd95c6c9ac28c5d447b27bf0fe87583071,source/org/jasig/portal/security/provider/SimpleSecurityContext.java,SimpleSecurityContext,authenticate,#,64
Before Change
public synchronized void authenticate() throws PortalSecurityException {
this.isauth = false;
RdbmServices rdbmservices = new RdbmServices();
if (this.myPrincipal.UID != null &&
this.myOpaqueCredentials.credentialstring != null) {
Connection conn = null;
PreparedStatement stmt = null;
ResultSet rset = null;
String first_name = null, last_name = null, md5_passwd = null;
int globalUID;
try {
String query = "SELECT ID, FIRST_NAME, LAST_NAME, UP_SHADOW.PASSWORD " +
"FROM UP_USERS, UP_SHADOW WHERE " +
"UP_USERS.USER_NAME = UP_SHADOW.USER_NAME AND " +
"UP_USERS.USER_NAME = ?";
conn = rdbmservices.getConnection();
stmt = conn.prepareStatement(query);
stmt.setString(1, this.myPrincipal.UID);
rset = stmt.executeQuery();
if (rset.next()) {
globalUID = rset.getInt("ID");
first_name = rset.getString("FIRST_NAME");
last_name = rset.getString("LAST_NAME");
md5_passwd = rset.getString("PASSWORD");
if (!md5_passwd.substring(0, 5).equals("(MD5)")) {
Logger.log(Logger.ERROR, "Password not an MD5 hash: " +
md5_passwd.substring(0, 5));
After Change
String first_name = null, last_name = null, md5_passwd = null;
int globalUID;
try {
org.jasig.portal.IDBImpl dbImpl = new org.jasig.portal.DBImpl();
String acct[] = dbImpl.getUserAccountInformation(this.myPrincipal.UID);
if (acct[0] != null) {
globalUID = Integer.parseInt(acct[0]);
first_name = acct[2];
last_name = acct[3];
md5_passwd = acct[1];
if (!md5_passwd.substring(0, 5).equals("(MD5)")) {
Logger.log(Logger.ERROR, "Password not an MD5 hash: " +