You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by mg...@apache.org on 2016/09/19 19:45:39 UTC
[1/4] wicket git commit: WICKET-6242 Weak concurrency management in
AuthenticatedWebSession#signedIn
Repository: wicket
Updated Branches:
refs/heads/master dbfe3461e -> 5e1ced34e
WICKET-6242 Weak concurrency management in AuthenticatedWebSession#signedIn
Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/4fdc8175
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/4fdc8175
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/4fdc8175
Branch: refs/heads/master
Commit: 4fdc8175cab0d842c7aeeb52366338ceaac250d9
Parents: dbfe346
Author: Martin Tzvetanov Grigorov <mg...@apache.org>
Authored: Sat Sep 10 13:12:28 2016 +0200
Committer: Martin Tzvetanov Grigorov <mg...@apache.org>
Committed: Mon Sep 19 21:38:11 2016 +0200
----------------------------------------------------------------------
.../authentication/AuthenticatedWebSession.java | 23 ++++++++++++--------
1 file changed, 14 insertions(+), 9 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/wicket/blob/4fdc8175/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java
----------------------------------------------------------------------
diff --git a/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java b/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java
index a5df531..744811b 100644
--- a/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java
+++ b/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java
@@ -16,10 +16,11 @@
*/
package org.apache.wicket.authroles.authentication;
+import java.util.concurrent.atomic.AtomicBoolean;
+
import org.apache.wicket.Session;
import org.apache.wicket.request.Request;
-
/**
* Basic authenticated web session. Subclasses must provide a method that authenticates the session
* based on a username and password, and a method implementation that gets the Roles
@@ -39,7 +40,7 @@ public abstract class AuthenticatedWebSession extends AbstractAuthenticatedWebSe
}
/** True when the user is signed in */
- private volatile boolean signedIn;
+ private final AtomicBoolean signedIn = new AtomicBoolean(false);
/**
* Construct.
@@ -62,12 +63,16 @@ public abstract class AuthenticatedWebSession extends AbstractAuthenticatedWebSe
*/
public final boolean signIn(final String username, final String password)
{
- signedIn = authenticate(username, password);
- if (signedIn)
+ if (signedIn.compareAndSet(false, true))
{
- bind();
+ boolean authenticated = authenticate(username, password);
+ if (authenticated)
+ {
+ bind();
+ }
+ signedIn.set(authenticated);
}
- return signedIn;
+ return signedIn.get();
}
/**
@@ -96,7 +101,7 @@ public abstract class AuthenticatedWebSession extends AbstractAuthenticatedWebSe
*/
protected final void signIn(boolean value)
{
- signedIn = value;
+ signedIn.set(value);
}
/**
@@ -105,7 +110,7 @@ public abstract class AuthenticatedWebSession extends AbstractAuthenticatedWebSe
@Override
public final boolean isSignedIn()
{
- return signedIn;
+ return signedIn.get();
}
/**
@@ -124,7 +129,7 @@ public abstract class AuthenticatedWebSession extends AbstractAuthenticatedWebSe
@Override
public void invalidate()
{
- signedIn = false;
+ signedIn.set(false);
super.invalidate();
}
}
[4/4] wicket git commit: WICKET-6242 Improved synchronization for
signIn. Added missing header license.
Posted by mg...@apache.org.
WICKET-6242 Improved synchronization for signIn. Added missing header license.
Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/5e1ced34
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/5e1ced34
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/5e1ced34
Branch: refs/heads/master
Commit: 5e1ced34e30135f3e46c9ab8cea1b8137f72ca8d
Parents: 91b9dba
Author: Andrea Del Bene <ad...@apache.org>
Authored: Tue Sep 13 12:37:59 2016 +0200
Committer: Martin Tzvetanov Grigorov <mg...@apache.org>
Committed: Mon Sep 19 21:40:27 2016 +0200
----------------------------------------------------------------------
.../authentication/AuthenticatedWebSession.java | 14 ++++----------
.../authentication/AuthenticatedWebSessionTest.java | 16 ++++++++++++++++
2 files changed, 20 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/wicket/blob/5e1ced34/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java
----------------------------------------------------------------------
diff --git a/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java b/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java
index 4e3851e..681236a 100644
--- a/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java
+++ b/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java
@@ -63,17 +63,11 @@ public abstract class AuthenticatedWebSession extends AbstractAuthenticatedWebSe
*/
public final boolean signIn(final String username, final String password)
{
- if (signedIn.compareAndSet(false, true))
+ boolean authenticated = authenticate(username, password);
+
+ if (authenticated && signedIn.compareAndSet(false, true))
{
- boolean authenticated = authenticate(username, password);
- if (authenticated)
- {
- bind();
- }
- else
- {
- signedIn.set(false);
- }
+ bind();
}
return signedIn.get();
}
http://git-wip-us.apache.org/repos/asf/wicket/blob/5e1ced34/wicket-auth-roles/src/test/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSessionTest.java
----------------------------------------------------------------------
diff --git a/wicket-auth-roles/src/test/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSessionTest.java b/wicket-auth-roles/src/test/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSessionTest.java
index c444d81..d91dd9d 100644
--- a/wicket-auth-roles/src/test/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSessionTest.java
+++ b/wicket-auth-roles/src/test/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSessionTest.java
@@ -1,3 +1,19 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package org.apache.wicket.authroles.authentication;
import static java.util.Locale.getDefault;
[2/4] wicket git commit: WICKET-6242 Weak concurrency management in
AuthenticatedWebSession#signedIn
Posted by mg...@apache.org.
WICKET-6242 Weak concurrency management in AuthenticatedWebSession#signedIn
Unset signedIn to 'false' only if the authenticated has failed.
Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/d1fc5d2c
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/d1fc5d2c
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/d1fc5d2c
Branch: refs/heads/master
Commit: d1fc5d2cc3c1ef5da9d8569328fa96a8de4abbad
Parents: 4fdc817
Author: Martin Tzvetanov Grigorov <mg...@apache.org>
Authored: Sat Sep 10 13:24:00 2016 +0200
Committer: Martin Tzvetanov Grigorov <mg...@apache.org>
Committed: Mon Sep 19 21:38:34 2016 +0200
----------------------------------------------------------------------
.../authroles/authentication/AuthenticatedWebSession.java | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/wicket/blob/d1fc5d2c/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java
----------------------------------------------------------------------
diff --git a/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java b/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java
index 744811b..4e3851e 100644
--- a/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java
+++ b/wicket-auth-roles/src/main/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSession.java
@@ -70,7 +70,10 @@ public abstract class AuthenticatedWebSession extends AbstractAuthenticatedWebSe
{
bind();
}
- signedIn.set(authenticated);
+ else
+ {
+ signedIn.set(false);
+ }
}
return signedIn.get();
}
[3/4] wicket git commit: WICKET-6242 testing signIn method atomicity
Posted by mg...@apache.org.
WICKET-6242 testing signIn method atomicity
Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/91b9dbac
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/91b9dbac
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/91b9dbac
Branch: refs/heads/master
Commit: 91b9dbac3ad2b05e2e8c7fe47370ea193a4763b5
Parents: d1fc5d2
Author: Pedro Henrique Oliveira dos Santos <pe...@apache.org>
Authored: Sat Sep 10 17:56:07 2016 -0300
Committer: Martin Tzvetanov Grigorov <mg...@apache.org>
Committed: Mon Sep 19 21:40:20 2016 +0200
----------------------------------------------------------------------
.../AuthenticatedWebSessionTest.java | 90 ++++++++++++++++++++
1 file changed, 90 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/wicket/blob/91b9dbac/wicket-auth-roles/src/test/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSessionTest.java
----------------------------------------------------------------------
diff --git a/wicket-auth-roles/src/test/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSessionTest.java b/wicket-auth-roles/src/test/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSessionTest.java
new file mode 100644
index 0000000..c444d81
--- /dev/null
+++ b/wicket-auth-roles/src/test/java/org/apache/wicket/authroles/authentication/AuthenticatedWebSessionTest.java
@@ -0,0 +1,90 @@
+package org.apache.wicket.authroles.authentication;
+
+import static java.util.Locale.getDefault;
+import static java.util.concurrent.TimeUnit.SECONDS;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+
+import org.apache.wicket.Application;
+import org.apache.wicket.ThreadContext;
+import org.apache.wicket.authroles.authorization.strategies.role.Roles;
+import org.apache.wicket.request.Request;
+import org.apache.wicket.request.Response;
+import org.apache.wicket.session.ISessionStore;
+import org.apache.wicket.util.tester.WicketTestCase;
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ * @author Pedro Santos
+ */
+public class AuthenticatedWebSessionTest extends WicketTestCase {
+ private Request request;
+ private Response response;
+ private ISessionStore sessionStore;
+ private AuthenticatedWebSession session;
+
+ @Before
+ public void initialize() {
+ request = mock(Request.class);
+ response = mock(Response.class);
+ sessionStore = mock(ISessionStore.class);
+ when(request.getLocale()).thenReturn(getDefault());
+ session = new TestAuthenticatedWebSession(request);
+ }
+
+ @Test
+ public void shouldLookupForSessionOnce() throws InterruptedException {
+ ExecutorService executorService = Executors.newFixedThreadPool(10);
+ for (int i = 0; i < 10; i++)
+ executorService.submit(new SiginTask(tester.getApplication()));
+ executorService.shutdown();
+ executorService.awaitTermination(5, SECONDS);
+ // counting lookup calls since sesion.bind() is final
+ // TODO: test for bind calls itself
+ verify(sessionStore, times(1)).lookup(request);
+ }
+
+ class SiginTask implements Runnable {
+ Application application;
+
+ public SiginTask(Application application) {
+ this.application = application;
+ }
+
+ @Override
+ public void run() {
+ ThreadContext.setRequestCycle(application.createRequestCycle(request, response));
+ session.signIn("user", "pass");
+ }
+
+ }
+
+ class TestAuthenticatedWebSession extends AuthenticatedWebSession {
+ private static final long serialVersionUID = 1L;
+
+ public TestAuthenticatedWebSession(Request request) {
+ super(request);
+ }
+
+ @Override
+ protected boolean authenticate(String username, String password) {
+ return true;
+ }
+
+ @Override
+ protected ISessionStore getSessionStore() {
+ return sessionStore;
+ }
+
+ @Override
+ public Roles getRoles() {
+ return null;
+ }
+ }
+}