You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@myfaces.apache.org by de...@apache.org on 2015/10/16 16:14:46 UTC
svn commit: r1709006 -
/myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java
Author: deki
Date: Fri Oct 16 14:14:45 2015
New Revision: 1709006
URL: http://svn.apache.org/viewvc?rev=1709006&view=rev
Log:
TOBAGO-1505: NPE while rendering Session Secret
Modified:
myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java
Modified: myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java?rev=1709006&r1=1709005&r2=1709006&view=diff
==============================================================================
--- myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java (original)
+++ myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java Fri Oct 16 14:14:45 2015
@@ -82,6 +82,11 @@ public final class Secret implements Ser
final Map requestParameterMap = facesContext.getExternalContext().getRequestParameterMap();
final String fromRequest = (String) requestParameterMap.get(Secret.KEY);
final Object session = facesContext.getExternalContext().getSession(false);
+ Secret secret = getSecret(session);
+ return secret != null && secret.secret.equals(fromRequest);
+ }
+
+ private static Secret getSecret(Object session) {
Secret secret = null;
if (session!=null) {
if (session instanceof HttpSession) {
@@ -92,7 +97,7 @@ public final class Secret implements Ser
throw new IllegalArgumentException("Unknown session type: " + session);
}
}
- return secret != null && secret.secret.equals(fromRequest);
+ return secret;
}
/**
@@ -104,15 +109,10 @@ public final class Secret implements Ser
writer.writeAttribute(HtmlAttributes.NAME, Secret.KEY, false);
writer.writeAttribute(HtmlAttributes.ID, Secret.KEY, false);
final Object session = facesContext.getExternalContext().getSession(true);
- final Secret secret;
- if (session instanceof HttpSession) {
- secret = (Secret) ((HttpSession) session).getAttribute(Secret.KEY);
- } else if (PortletUtils.isPortletApiAvailable() && session instanceof PortletSession) {
- secret = (Secret) ((PortletSession) session).getAttribute(Secret.KEY, PortletSession.APPLICATION_SCOPE);
- } else {
- throw new IllegalArgumentException("Unknown session type: " + session);
+ final Secret secret = getSecret(session);
+ if (secret != null) {
+ writer.writeAttribute(HtmlAttributes.VALUE, secret.secret, false);
}
- writer.writeAttribute(HtmlAttributes.VALUE, secret.secret, false);
writer.endElement(HtmlElements.INPUT);
}