Add some checks to stuff broken by domain migration from thread-store to username

code/moya-beans/ejbModule/fi/codecrew/moya/beans/CardTemplateBean.java

@@ -168,7 +168,7 @@ public class CardTemplateBean implements CardTemplateBeanLocal {
 	public PrintedCard checkPrintedCard(EventUser user) {
 		logger.info("Checking printed card");
 
-		user = eventUserFacade.find(user.getId());
+		user = eventUserFacade.reload(user);
 
 		LanEvent currEvent = eventBean.getCurrentEvent();
 		List<PrintedCard> myCards = printedcardfacade.getCards(user);

code/moya-utils/src/main/java/fi/codecrew/moya/utilities/UserLoginUtils.java

@@ -32,6 +32,12 @@ public class UserLoginUtils {
 	}
 
 	public static String getUsernameFromJaasString(String username) {
-		return username.split("@[^@]+$")[0];
+		String[] splitted = username.split("@[^@]+$");
+
+		String ret = null;
+		if (splitted.length > 0) {
+			ret = splitted[0];
+		}
+		return ret;
 	}
 }

code/moya-web/src/main/java/fi/codecrew/moya/HostnameFilter.java

@@ -246,7 +246,7 @@ public class HostnameFilter implements Filter {
 		restAuthStr = httpRequest.getHeader("Authorization");
 		// }
 
-		if (restAuthStr == null) {
+		if (restAuthStr == null && httpRequest.getParameter("appkey") != null) {
 
 			StringBuilder hashBuilder = new StringBuilder();
 			hashBuilder.append(JaasBeanLocal.REST_PREFIX);
@@ -257,9 +257,15 @@ public class HostnameFilter implements Filter {
 			hashBuilder.append(httpRequest.getPathInfo());
 			restAuthStr = hashBuilder.toString();
 		}
+
 		boolean ret = true;
 		try {
-			httpRequest.login('@' + parseHostname(httpRequest), restAuthStr);
+			if (restAuthStr == null) {
+				throw new ServletException("No auth data");
+			}
+			final String username = "@" + parseHostname(httpRequest);
+			logger.info("Logging in with username {} and password {}", username, restAuthStr);
+			httpRequest.login(username, restAuthStr);
 		} catch (ServletException loginEx) {
 			ret = false;
 			logger.info("Rest api authentication failed for path " + httpRequest.getPathInfo() + " "
@@ -296,10 +302,11 @@ public class HostnameFilter implements Filter {
 				logbean.sendMessage(MoyaEventType.USER_PERMISSION_VIOLATION,
 					"Hostname mismatch privilege escalation! User '", httpRequest.getUserPrincipal(), "' tried to change hostname from '",
 					userDomain, "' to '", hostname, ",");
-				throw new RuntimeException("Hostname mismatch!");
+				throw new RuntimeException("Hostname mismatch! Expected: " + hostname + " but logged in as " + userDomain);
+
+
 			}
 		}
-
 		BortalLocalContextHolder.setInDevelopmentMode(developmentMode);
 		return hostname;