You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@myfaces.apache.org by de...@apache.org on 2015/05/19 09:48:23 UTC

svn commit: r1680198 - in /myfaces/tobago/branches/tobago-3.0.x: ./ tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java

Author: deki
Date: Tue May 19 07:48:23 2015
New Revision: 1680198

URL: http://svn.apache.org/r1680198
Log:
Merged from trunk
TOBAGO-1466: No need to force session creation for secret check [from revision 1680197]

Modified:
    myfaces/tobago/branches/tobago-3.0.x/   (props changed)
    myfaces/tobago/branches/tobago-3.0.x/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java

Propchange: myfaces/tobago/branches/tobago-3.0.x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue May 19 07:48:23 2015
@@ -1,3 +1,3 @@
 /myfaces/tobago/branches/tobago-1.5.x:1356585,1357124
 /myfaces/tobago/branches/tobago-tree-table:1226794-1341423
-/myfaces/tobago/trunk:1571193,1571804,1571816,1571941,1571945,1571962,1571966,1576730,1589960,1591854,1600239,1600818,1601860,1602151,1602154,1602343,1604224,1606201,1607642,1609696-1609697,1609718,1610942,1610948,1610970,1610989,1611011,1611259,1611264,1611276,1611329,1611338-1611339,1611571,1613015,1613032,1614827,1614853,1615053,1615114,1615121,1617310,1619789,1621101,1621107,1621134,1621156,1621264,1621282,1621332,1622222,1622243,1622508,1623934,1624033,1625968,1625972,1626270,1628899,1628953,1636842,1636911,1640117,1640147,1640541,1640548,1640638,1640761,1640917,1641575,1641635,1641772,1641775,1641777,1656502,1657180,1657269,1657276,1657279,1658909,1658912,1659026,1659031,1660696,1660699,1660708,1660714,1665569,1666464,1668147,1668153,1668249,1675330,1675565,1675584,1675588-1675589,1675636,1679031
+/myfaces/tobago/trunk:1571193,1571804,1571816,1571941,1571945,1571962,1571966,1576730,1589960,1591854,1600239,1600818,1601860,1602151,1602154,1602343,1604224,1606201,1607642,1609696-1609697,1609718,1610942,1610948,1610970,1610989,1611011,1611259,1611264,1611276,1611329,1611338-1611339,1611571,1613015,1613032,1614827,1614853,1615053,1615114,1615121,1617310,1619789,1621101,1621107,1621134,1621156,1621264,1621282,1621332,1622222,1622243,1622508,1623934,1624033,1625968,1625972,1626270,1628899,1628953,1636842,1636911,1640117,1640147,1640541,1640548,1640638,1640761,1640917,1641575,1641635,1641772,1641775,1641777,1656502,1657180,1657269,1657276,1657279,1658909,1658912,1659026,1659031,1660696,1660699,1660708,1660714,1665569,1666464,1668147,1668153,1668249,1675330,1675565,1675584,1675588-1675589,1675636,1679031,1680197

Modified: myfaces/tobago/branches/tobago-3.0.x/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/branches/tobago-3.0.x/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java?rev=1680198&r1=1680197&r2=1680198&view=diff
==============================================================================
--- myfaces/tobago/branches/tobago-3.0.x/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java (original)
+++ myfaces/tobago/branches/tobago-3.0.x/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java Tue May 19 07:48:23 2015
@@ -81,14 +81,16 @@ public final class Secret implements Ser
   public static boolean check(final FacesContext facesContext) {
     final Map requestParameterMap = facesContext.getExternalContext().getRequestParameterMap();
     final String fromRequest = (String) requestParameterMap.get(Secret.KEY);
-    final Object session = facesContext.getExternalContext().getSession(true);
-    final Secret secret;
-    if (session instanceof HttpSession) {
-      secret = (Secret) ((HttpSession) session).getAttribute(Secret.KEY);
-    } else if (PortletUtils.isPortletApiAvailable() && session instanceof PortletSession) {
-      secret = (Secret) ((PortletSession) session).getAttribute(Secret.KEY, PortletSession.APPLICATION_SCOPE);
-    } else {
-      throw new IllegalArgumentException("Unknown session type: " + session);
+    final Object session = facesContext.getExternalContext().getSession(false);
+    Secret secret = null;
+    if (session!=null) {
+      if (session instanceof HttpSession) {
+        secret = (Secret) ((HttpSession) session).getAttribute(Secret.KEY);
+      } else if (PortletUtils.isPortletApiAvailable() && session instanceof PortletSession) {
+        secret = (Secret) ((PortletSession) session).getAttribute(Secret.KEY, PortletSession.APPLICATION_SCOPE);
+      } else {
+        throw new IllegalArgumentException("Unknown session type: " + session);
+      }
     }
     return secret != null && secret.secret.equals(fromRequest);
   }