Commits

Tuukka Norri committed b681782

BXNetServiceConnector now removes the password from memory in a case where it was left there
- The situation occurred when cancel was cliced during an authentication attempt. The connection URI was left into BXDatabaseContext, and it contained the potentially correct password.

Comments (0)

Files changed (1)

BaseTenAppKit/Sources/BXNetServiceConnector.m

 
 - (void) authenticationPanelCancel: (id) panel
 {
+	//Make the context forget the password.
+	NSURL* databaseURI = [mContext databaseURI];
+	databaseURI = [databaseURI BXURIForHost: nil database: nil username: nil password: @""];
+	[mContext setDatabaseURIInternal: databaseURI];	
+	
 	[mContext disconnect];
 }
 
 {
 	[mContext setStoresURICredentials: [panel shouldStorePasswordInKeychain]];
 	NSURL* databaseURI = [mContext databaseURI];
-	databaseURI = [databaseURI BXURIForHost: nil database: nil username: username password: password];
+	databaseURI = [databaseURI BXURIForHost: nil database: nil username: username password: password ?: @""];
 	
 	[mContext setDatabaseURIInternal: databaseURI];
 	[mContext connectAsync];