From b5feaadda45d8d9537f01b473eb5eddc1df3baba Mon Sep 17 00:00:00 2001
From: Javi Fontan <jfontan@opennebula.org>
Date: Fri, 22 Feb 2013 17:05:29 +0100
Subject: [PATCH] feature #1741: filter possible user matches using xpath

---
 src/cloud/common/CloudAuth.rb | 19 ++++++++-----------
 1 file changed, 8 insertions(+), 11 deletions(-)

diff --git a/src/cloud/common/CloudAuth.rb b/src/cloud/common/CloudAuth.rb
index fdec369d75..ab6ddea5ef 100644
--- a/src/cloud/common/CloudAuth.rb
+++ b/src/cloud/common/CloudAuth.rb
@@ -134,21 +134,18 @@ class CloudAuth
     # password:: _String_ the password
     # [return] _Hash_ with the username
     def get_username(password)
-        xpath = "USER[PASSWORD=\"#{password}\"]/NAME"
-        username = retrieve_from_userpool(xpath)
-
-        # No exact match, trying to match password with each
+        # Trying to match password with each
         # of the pipe-separated DNs stored in USER/PASSWORD
-        if username.nil?
-            @lock.synchronize do
-                @user_pool.each do |user|
-                    return user["NAME"] if user["AUTH_DRIVER"] == "x509" &&
-                        user["PASSWORD"].split('|').include?(password)
-                end
+        @lock.synchronize do
+            @user_pool.each_with_xpath(
+                    "USER[contains(PASSWORD, \"#{password}\")]") do |user|
+                STDERR.puts user.inspect
+                return user["NAME"] if user["AUTH_DRIVER"] == "x509" &&
+                    user["PASSWORD"].split('|').include?(password)
             end
         end
 
-        username
+        nil
     end
 
     private