From 5c9562cb24bc5fadc9eb518bc7c11dc58acae56b Mon Sep 17 00:00:00 2001
From: kohsuke <kohsuke@dev.java.net>
Date: Thu, 8 Apr 2010 05:40:55 +0000
Subject: [PATCH] In the current version of Hudson, stdout needs to be set or
 else the process invocation will fail.

---
 .../script_realm/ScriptSecurityRealm.java     |  4 +++-
 .../script_realm/ScriptSecurityRealmTest.java | 22 +++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 src/test/java/hudson/plugins/script_realm/ScriptSecurityRealmTest.java

diff --git a/src/main/java/hudson/plugins/script_realm/ScriptSecurityRealm.java b/src/main/java/hudson/plugins/script_realm/ScriptSecurityRealm.java
index ca7d168..dc43f89 100644
--- a/src/main/java/hudson/plugins/script_realm/ScriptSecurityRealm.java
+++ b/src/main/java/hudson/plugins/script_realm/ScriptSecurityRealm.java
@@ -26,6 +26,7 @@ package hudson.plugins.script_realm;
 import hudson.Extension;
 import hudson.Launcher.LocalLauncher;
 import hudson.model.Descriptor;
+import hudson.model.TaskListener;
 import hudson.security.AbstractPasswordBasedSecurityRealm;
 import hudson.security.GroupDetails;
 import hudson.security.SecurityRealm;
@@ -38,6 +39,7 @@ import org.acegisecurity.GrantedAuthority;
 import org.acegisecurity.userdetails.User;
 import org.acegisecurity.userdetails.UserDetails;
 import org.acegisecurity.userdetails.UsernameNotFoundException;
+import org.apache.commons.io.output.NullOutputStream;
 import org.kohsuke.stapler.DataBoundConstructor;
 import org.springframework.dao.DataAccessException;
 
@@ -59,7 +61,7 @@ public class ScriptSecurityRealm extends AbstractPasswordBasedSecurityRealm {
         try {
             StringWriter out = new StringWriter();
             LocalLauncher launcher = new LocalLauncher(new StreamTaskListener(out));
-            if (launcher.launch().cmds(QuotedStringTokenizer.tokenize(commandLine))
+            if (launcher.launch().cmds(QuotedStringTokenizer.tokenize(commandLine)).stdout(new NullOutputStream())
                     .envs("U="+username,"P="+password).join()!=0)
                 throw new BadCredentialsException(out.toString());
 
diff --git a/src/test/java/hudson/plugins/script_realm/ScriptSecurityRealmTest.java b/src/test/java/hudson/plugins/script_realm/ScriptSecurityRealmTest.java
new file mode 100644
index 0000000..228edca
--- /dev/null
+++ b/src/test/java/hudson/plugins/script_realm/ScriptSecurityRealmTest.java
@@ -0,0 +1,22 @@
+package hudson.plugins.script_realm;
+
+import org.acegisecurity.AuthenticationException;
+import org.jvnet.hudson.test.HudsonTestCase;
+
+/**
+ * @author Kohsuke Kawaguchi
+ */
+public class ScriptSecurityRealmTest extends HudsonTestCase {
+    public void test1() {
+        new ScriptSecurityRealm("/bin/true").authenticate("test","test");
+    }
+
+    public void test2() {
+        try {
+            new ScriptSecurityRealm("/bin/false").authenticate("test","test");
+            fail();
+        } catch (AuthenticationException e) {
+            // as expected
+        }
+    }
+}