OF-1253: Be more specific when detecting default username/password (#732)

Exception handling is used to determine if the default admin console username/password applies. This exception handling should be more specific than depend on any Exception. Instead, authentication-related exceptions should be used.

OF-1253: Be more specific when detecting default username/password (#732)
Exception handling is used to determine if the default admin console username/password applies. This exception handling should be more specific than depend on any Exception. Instead, authentication-related exceptions should be used.
d1a595a0 · Guus der Kinderen · akrherz · b0d5a85c · d1a595a0
Commit d1a595a0 authored Dec 31, 2016 by Guus der Kinderen Committed by akrherz Dec 30, 2016
Show whitespace changes
Inline Side-by-side

Showing with 3 additions and 2 deletions

setup-admin-settings.jsp src/web/setup/setup-admin-settings.jsp +3 -2

No files found.
--- a/src/web/setup/setup-admin-settings.jsp
+++ b/src/web/setup/setup-admin-settings.jsp
@@ -16,6 +16,7 @@
 <%@ page import="javax.servlet.http.HttpSession" %>
 <%@ page import="java.net.URLEncoder" %>
 <%@ page import="java.util.*" %>
+<%@ page import="org.jivesoftware.openfire.auth.UnauthorizedException" %>
 <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
 <%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %>
@@ -73,7 +74,7 @@
        }
        try {
            AuthFactory.authenticate("admin", "admin");
-        } catch (Exception e) {
+        } catch (UnauthorizedException e) {
            errors.put("password", "password");
        }
        if (email == null) {
@@ -258,7 +259,7 @@ function checkClick() {
        AuthFactory.authenticate("admin", "admin");
        defaultPassword = true;
    }
-    catch (Exception e) {
+    catch (UnauthorizedException e) {
        // Ignore.
    }
    if (defaultPassword) {