SEC-328: Avoid unnecessarily hitting backend a second time, if the cache wasn't used in first place.
This commit is contained in:
parent
53beadb7bf
commit
5364db2c27
|
@ -145,10 +145,15 @@ public abstract class AbstractUserDetailsAuthenticationProvider implements Authe
|
||||||
try {
|
try {
|
||||||
additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication);
|
additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication);
|
||||||
} catch (AuthenticationException exception) {
|
} catch (AuthenticationException exception) {
|
||||||
// There was a problem, so try again after checking we're using latest data
|
if(cacheWasUsed) {
|
||||||
cacheWasUsed = false;
|
// There was a problem, so try again after checking
|
||||||
user = retrieveUser(username, (UsernamePasswordAuthenticationToken) authentication);
|
// we're using latest data (ie not from the cache)
|
||||||
additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication);
|
cacheWasUsed = false;
|
||||||
|
user = retrieveUser(username, (UsernamePasswordAuthenticationToken) authentication);
|
||||||
|
additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication);
|
||||||
|
} else {
|
||||||
|
throw exception;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!user.isCredentialsNonExpired()) {
|
if (!user.isCredentialsNonExpired()) {
|
||||||
|
|
Loading…
Reference in New Issue