You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@myfaces.apache.org by de...@apache.org on 2015/10/16 16:14:46 UTC

svn commit: r1709006 - /myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java

Author: deki
Date: Fri Oct 16 14:14:45 2015
New Revision: 1709006

URL: http://svn.apache.org/viewvc?rev=1709006&view=rev
Log:
TOBAGO-1505: NPE while rendering Session Secret

Modified:
    myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java

Modified: myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java?rev=1709006&r1=1709005&r2=1709006&view=diff
==============================================================================
--- myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java (original)
+++ myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java Fri Oct 16 14:14:45 2015
@@ -82,6 +82,11 @@ public final class Secret implements Ser
     final Map requestParameterMap = facesContext.getExternalContext().getRequestParameterMap();
     final String fromRequest = (String) requestParameterMap.get(Secret.KEY);
     final Object session = facesContext.getExternalContext().getSession(false);
+    Secret secret = getSecret(session);
+    return secret != null && secret.secret.equals(fromRequest);
+  }
+
+  private static Secret getSecret(Object session) {
     Secret secret = null;
     if (session!=null) {
       if (session instanceof HttpSession) {
@@ -92,7 +97,7 @@ public final class Secret implements Ser
         throw new IllegalArgumentException("Unknown session type: " + session);
       }
     }
-    return secret != null && secret.secret.equals(fromRequest);
+    return secret;
   }
 
   /**
@@ -104,15 +109,10 @@ public final class Secret implements Ser
     writer.writeAttribute(HtmlAttributes.NAME, Secret.KEY, false);
     writer.writeAttribute(HtmlAttributes.ID, Secret.KEY, false);
     final Object session = facesContext.getExternalContext().getSession(true);
-    final Secret secret;
-    if (session instanceof HttpSession) {
-      secret = (Secret) ((HttpSession) session).getAttribute(Secret.KEY);
-    } else if (PortletUtils.isPortletApiAvailable() && session instanceof PortletSession) {
-      secret = (Secret) ((PortletSession) session).getAttribute(Secret.KEY, PortletSession.APPLICATION_SCOPE);
-    } else {
-      throw new IllegalArgumentException("Unknown session type: " + session);
+    final Secret secret = getSecret(session);
+    if (secret != null) {
+      writer.writeAttribute(HtmlAttributes.VALUE, secret.secret, false);
     }
-    writer.writeAttribute(HtmlAttributes.VALUE, secret.secret, false);
     writer.endElement(HtmlElements.INPUT);
   }