Review SQLLoginModule for potential violations and security risks.
At revision: 590777 http://svn.apache.org/viewvc?rev=590777&view=rev
o LoginModule should not add principals when login fails. Added a test to detect the same.
o Other changes to bring SQLLoginModule in line with http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASLMDevGuide.html
**: This fix can use a thorough review.
I guess I am done with my review. Can someone review the code and tests in their current state and comment.
In rev 592223 I supplied an AbstractLoginModuleTest that uniformizes the test setups and makes it easier to determine if all relevant tests have been written. This also eliminated the "Advanced" tests as a separate class. Also relevant to the PropertiesFile and Certificate login module tests.
At revision: 592284
o Merged rev 592223 from trunk.
At revision: 592287
o Merging rev 592227 from trunk