From 4a175cbe8216d80a5aba5b2ffb8adb7f2e2c2703 Mon Sep 17 00:00:00 2001 From: mguessan Date: Thu, 17 Sep 2009 20:19:54 +0000 Subject: [PATCH] Caldav: check credentials on each request git-svn-id: http://svn.code.sf.net/p/davmail/code/trunk@728 3d1905a2-6b24-0410-a738-b14d5a86fcbd --- src/java/davmail/caldav/CaldavConnection.java | 4 ++-- src/java/davmail/exchange/ExchangeSession.java | 12 ++++++++++++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/src/java/davmail/caldav/CaldavConnection.java b/src/java/davmail/caldav/CaldavConnection.java index eb95b276..f3c73fc2 100644 --- a/src/java/davmail/caldav/CaldavConnection.java +++ b/src/java/davmail/caldav/CaldavConnection.java @@ -155,8 +155,8 @@ public class CaldavConnection extends AbstractConnection { sendUnauthorized(); } else { decodeCredentials(headers.get("authorization")); - // authenticate only once - if (session == null) { + // authenticate only once, but check credentials + if (session == null || !session.checkCredentials(userName, password)) { try { session = ExchangeSessionFactory.getInstance(userName, password); } catch (DavMailAuthenticationException e) { diff --git a/src/java/davmail/exchange/ExchangeSession.java b/src/java/davmail/exchange/ExchangeSession.java index ef42f603..d024cb62 100644 --- a/src/java/davmail/exchange/ExchangeSession.java +++ b/src/java/davmail/exchange/ExchangeSession.java @@ -263,6 +263,18 @@ public class ExchangeSession { return isExpired; } + /** + * Compare credentials to current session credentials. + * + * @param userName user name + * @param password user password + * @return true if credentials match + */ + public boolean checkCredentials(String userName, String password) { + return userName != null && password != null + && userName.equals(poolKey.userName) && password.equals(poolKey.password); + } + /** * Test authentication mode : form based or basic. *