You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shiro.apache.org by lh...@apache.org on 2011/07/22 22:19:22 UTC
svn commit: r1149723 -
/shiro/trunk/web/src/main/java/org/apache/shiro/web/mgt/DefaultWebSecurityManager.java
Author: lhazlewood
Date: Fri Jul 22 20:19:22 2011
New Revision: 1149723
URL: http://svn.apache.org/viewvc?rev=1149723&view=rev
Log:
SHIRO-312: adjusted WebSecurityManager check for isServletContainerSessions
Modified:
shiro/trunk/web/src/main/java/org/apache/shiro/web/mgt/DefaultWebSecurityManager.java
Modified: shiro/trunk/web/src/main/java/org/apache/shiro/web/mgt/DefaultWebSecurityManager.java
URL: http://svn.apache.org/viewvc/shiro/trunk/web/src/main/java/org/apache/shiro/web/mgt/DefaultWebSecurityManager.java?rev=1149723&r1=1149722&r2=1149723&view=diff
==============================================================================
--- shiro/trunk/web/src/main/java/org/apache/shiro/web/mgt/DefaultWebSecurityManager.java (original)
+++ shiro/trunk/web/src/main/java/org/apache/shiro/web/mgt/DefaultWebSecurityManager.java Fri Jul 22 20:19:22 2011
@@ -59,15 +59,15 @@ public class DefaultWebSecurityManager e
@Deprecated
public static final String NATIVE_SESSION_MODE = "native";
- /**
- * @deprecated as of 1.2. This should NOT be used for anything other than determining if the sessionMode has changed.
- */
- @Deprecated
+ /**
+ * @deprecated as of 1.2. This should NOT be used for anything other than determining if the sessionMode has changed.
+ */
+ @Deprecated
private String sessionMode;
public DefaultWebSecurityManager() {
super();
- ((DefaultSubjectDAO)this.subjectDAO).setSessionStorageEvaluator(new DefaultWebSessionStorageEvaluator());
+ ((DefaultSubjectDAO) this.subjectDAO).setSessionStorageEvaluator(new DefaultWebSessionStorageEvaluator());
this.sessionMode = HTTP_SESSION_MODE;
setSubjectFactory(new DefaultWebSubjectFactory());
setRememberMeManager(new CookieRememberMeManager());
@@ -134,31 +134,35 @@ public class DefaultWebSecurityManager e
}
}
- @Override
- public void setSessionManager(SessionManager sessionManager) {
- this.sessionMode = null;
- this.setInternalSessionManager(sessionManager);
- }
+ @Override
+ public void setSessionManager(SessionManager sessionManager) {
+ this.sessionMode = null;
+ if (sessionManager != null && !(sessionManager instanceof WebSessionManager)) {
+ if (log.isWarnEnabled()) {
+ String msg = "The " + getClass().getName() + " implementation expects SessionManager instances " +
+ "that implement the " + WebSessionManager.class.getName() + " interface. The " +
+ "configured instance is of type [" + sessionManager.getClass().getName() + "] which does not " +
+ "implement this interface.. This may cause unexpected behavior.";
+ log.warn(msg);
+ }
+ }
+ setInternalSessionManager(sessionManager);
+ }
/**
* @param sessionManager
* @since 1.2
*/
- private void setInternalSessionManager(SessionManager sessionManager) {
- super.setSessionManager(sessionManager);
- }
+ private void setInternalSessionManager(SessionManager sessionManager) {
+ super.setSessionManager(sessionManager);
+ }
- /**
+ /**
* @since 1.0
*/
public boolean isHttpSessionMode() {
SessionManager sessionManager = getSessionManager();
-
- if(sessionManager instanceof WebSessionManager) {
- return ((WebSessionManager)sessionManager).isServletContainerSessions();
- }
- //use Servlet container sessions by default:
- return true;
+ return sessionManager instanceof WebSessionManager && ((WebSessionManager)sessionManager).isServletContainerSessions();
}
protected SessionManager createSessionManager(String sessionMode) {