Caldav: check credentials on each request

git-svn-id: http://svn.code.sf.net/p/davmail/code/trunk@728 3d1905a2-6b24-0410-a738-b14d5a86fcbd
2024-12-13 11:12:22 -05:00 · 2009-09-17 20:19:54 +00:00 · 2009-09-17 20:19:54 +00:00 · 4a175cbe82
commit 4a175cbe82
parent 332ff6db99
2 changed files with 14 additions and 2 deletions
--- a/src/java/davmail/caldav/CaldavConnection.java
+++ b/src/java/davmail/caldav/CaldavConnection.java
@ -155,8 +155,8 @@ public class CaldavConnection extends AbstractConnection {
                    sendUnauthorized();
                } else {
                    decodeCredentials(headers.get("authorization"));
-                    // authenticate only once
-                    if (session == null) {
+                    // authenticate only once, but check credentials
+                    if (session == null || !session.checkCredentials(userName, password)) {
                        try {
                            session = ExchangeSessionFactory.getInstance(userName, password);
                        } catch (DavMailAuthenticationException e) {
--- a/src/java/davmail/exchange/ExchangeSession.java
+++ b/src/java/davmail/exchange/ExchangeSession.java
@ -263,6 +263,18 @@ public class ExchangeSession {
        return isExpired;
    }

+    /**
+     * Compare credentials to current session credentials.
+     *
+     * @param userName user name
+     * @param password user password
+     * @return true if credentials match
+     */
+    public boolean checkCredentials(String userName, String password) {
+        return userName != null && password != null
+                && userName.equals(poolKey.userName) && password.equals(poolKey.password);
+    }
+
    /**
     * Test authentication mode : form based or basic.
     *