You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shiro.apache.org by lh...@apache.org on 2009/04/18 02:16:59 UTC
svn commit: r766185 - in /incubator/jsecurity/trunk:
core/src/main/java/org/apache/ki/subject/DelegatingSubject.java
web/src/main/java/org/apache/ki/web/DefaultWebSecurityManager.java
Author: lhazlewood
Date: Sat Apr 18 00:16:59 2009
New Revision: 766185
URL: http://svn.apache.org/viewvc?rev=766185&view=rev
Log:
Fixed bug where session.stop was not delegating at all times to the security manager (required for the security manager to clear out a cookie in web environments)
Modified:
incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/subject/DelegatingSubject.java
incubator/jsecurity/trunk/web/src/main/java/org/apache/ki/web/DefaultWebSecurityManager.java
Modified: incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/subject/DelegatingSubject.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/subject/DelegatingSubject.java?rev=766185&r1=766184&r2=766185&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/subject/DelegatingSubject.java (original)
+++ incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/subject/DelegatingSubject.java Sat Apr 18 00:16:59 2009
@@ -107,10 +107,25 @@
this.inetAddress = getLocalHost();
}
if (session != null) {
- this.session = new StoppingAwareProxiedSession(session, this);
+ this.session = decorate(session);
}
}
+ protected Session decorate(Session session) {
+ if (session == null) {
+ throw new IllegalArgumentException("session cannot be null");
+ }
+ return decorateSession(session.getId());
+ }
+
+ protected Session decorateSession(Serializable sessionId) {
+ if (sessionId == null) {
+ throw new IllegalArgumentException("sessionId cannot be null");
+ }
+ DelegatingSession target = new DelegatingSession(getSecurityManager(), sessionId);
+ return new StoppingAwareProxiedSession(target, this);
+ }
+
public SecurityManager getSecurityManager() {
return securityManager;
}
@@ -129,9 +144,7 @@
return this.inetAddress;
}
- /**
- * @see Subject#getPrincipal()
- */
+ /** @see Subject#getPrincipal() */
public Object getPrincipal() {
PrincipalCollection principals = getPrincipals();
if (principals == null || principals.isEmpty()) {
@@ -201,8 +214,7 @@
}
public void checkPermissions(String... permissions)
- throws AuthorizationException
- {
+ throws AuthorizationException {
assertAuthzCheckPossible();
securityManager.checkPermissions(getPrincipals(), permissions);
}
@@ -252,11 +264,7 @@
this.principals = principals;
Session session = subject.getSession(false);
if (session != null) {
- if (session instanceof StoppingAwareProxiedSession) {
- this.session = session;
- } else {
- this.session = new StoppingAwareProxiedSession(session, this);
- }
+ this.session = decorate(session);
} else {
this.session = null;
}
@@ -288,8 +296,7 @@
log.trace("starting session for address [" + getInetAddress() + "]");
}
Serializable sessionId = this.securityManager.start(getInetAddress());
- Session target = new DelegatingSession(this.securityManager, sessionId);
- this.session = new StoppingAwareProxiedSession(target, this);
+ this.session = decorateSession(sessionId);
}
return this.session;
}
Modified: incubator/jsecurity/trunk/web/src/main/java/org/apache/ki/web/DefaultWebSecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/web/src/main/java/org/apache/ki/web/DefaultWebSecurityManager.java?rev=766185&r1=766184&r2=766185&view=diff
==============================================================================
--- incubator/jsecurity/trunk/web/src/main/java/org/apache/ki/web/DefaultWebSecurityManager.java (original)
+++ incubator/jsecurity/trunk/web/src/main/java/org/apache/ki/web/DefaultWebSecurityManager.java Sat Apr 18 00:16:59 2009
@@ -182,7 +182,6 @@
super.beforeLogout(subjectIdentifier);
//also ensure a request attribute is set so the Subject is not reacquired later during the request:
removeRequestIdentity();
-
}
protected void removeRequestIdentity() {