You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shiro.apache.org by lh...@apache.org on 2010/05/18 08:36:56 UTC
svn commit: r945518 [2/2] - in
/incubator/shiro/branches/session_manager_API_change: ./ all/ core/src/
core/src/main/java/org/apache/shiro/mgt/
core/src/main/java/org/apache/shiro/session/mgt/
core/src/main/java/org/apache/shiro/subject/support/ core/s...
Added: incubator/shiro/branches/session_manager_API_change/samples/spring-client/samples-spring-client.iml
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/samples/spring-client/samples-spring-client.iml?rev=945518&view=auto
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/samples/spring-client/samples-spring-client.iml (added)
+++ incubator/shiro/branches/session_manager_API_change/samples/spring-client/samples-spring-client.iml Tue May 18 06:36:55 2010
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
+ <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
+ <output url="file://$MODULE_DIR$/target/classes" />
+ <output-test url="file://$MODULE_DIR$/target/test-classes" />
+ <content url="file://$MODULE_DIR$">
+ <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
+ <sourceFolder url="file://$MODULE_DIR$/src/main/resources" isTestSource="false" />
+ <excludeFolder url="file://$MODULE_DIR$/target" />
+ </content>
+ <orderEntry type="inheritedJdk" />
+ <orderEntry type="sourceFolder" forTests="false" />
+ <orderEntry type="library" exported="" name="Maven: log4j:log4j:1.2.15" level="project" />
+ <orderEntry type="module" module-name="shiro-core" exported="" />
+ <orderEntry type="library" exported="" name="Maven: org.slf4j:slf4j-api:1.5.6" level="project" />
+ <orderEntry type="module" module-name="shiro-spring" exported="" />
+ <orderEntry type="module" module-name="shiro-web" exported="" />
+ <orderEntry type="library" exported="" name="Maven: org.springframework:spring-aop:2.5.6" level="project" />
+ <orderEntry type="library" exported="" name="Maven: aopalliance:aopalliance:1.0" level="project" />
+ <orderEntry type="library" exported="" name="Maven: commons-logging:commons-logging:1.1.1" level="project" />
+ <orderEntry type="library" exported="" name="Maven: org.springframework:spring-beans:2.5.6" level="project" />
+ <orderEntry type="library" exported="" name="Maven: org.springframework:spring-core:2.5.6" level="project" />
+ <orderEntry type="library" exported="" name="Maven: org.springframework:spring-context-support:2.5.6" level="project" />
+ <orderEntry type="library" exported="" name="Maven: org.springframework:spring-context:2.5.6" level="project" />
+ <orderEntry type="library" exported="" name="Maven: org.springframework:spring-web:2.5.6" level="project" />
+ <orderEntry type="library" exported="" name="Maven: org.slf4j:slf4j-log4j12:1.5.6" level="project" />
+ <orderEntry type="library" exported="" name="Maven: org.slf4j:jcl-over-slf4j:1.5.6" level="project" />
+ <orderEntry type="library" scope="TEST" name="Maven: junit:junit:4.4" level="project" />
+ <orderEntry type="library" scope="TEST" name="Maven: org.easymock:easymock:2.4" level="project" />
+ </component>
+</module>
+
Propchange: incubator/shiro/branches/session_manager_API_change/samples/spring-hibernate/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue May 18 06:36:55 2010
@@ -1 +1,2 @@
/incubator/jsecurity/import/trunk/samples/spring-hibernate:720066-749338
+/incubator/shiro/trunk/samples/spring-hibernate:945461-945509
Modified: incubator/shiro/branches/session_manager_API_change/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactory.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactory.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactory.java (original)
+++ incubator/shiro/branches/session_manager_API_change/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactory.java Tue May 18 06:36:55 2010
@@ -21,6 +21,7 @@ package org.apache.shiro.spring.remoting
import org.aopalliance.intercept.MethodInvocation;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.Session;
+import org.apache.shiro.session.mgt.SessionContext;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
@@ -53,13 +54,14 @@ public class SecureRemoteInvocationFacto
private static final String SESSION_ID_SYSTEM_PROPERTY_NAME = "shiro.session.id";
private String sessionId;
-
+
+ public SecureRemoteInvocationFactory() {
+ }
+
public SecureRemoteInvocationFactory(String sessionId) {
this();
this.sessionId = sessionId;
}
-
- public SecureRemoteInvocationFactory() {}
/**
* Creates a {@link RemoteInvocation} with the current session ID as an
@@ -81,19 +83,20 @@ public class SecureRemoteInvocationFacto
//for SessionManager calls, all method calls except the 'start' methods require the session id
// as the first argument, so just get it from there:
if (!mi.getMethod().getName().equals("start")) {
- sessionId = (Serializable) mi.getArguments()[0];
+ SessionContext context = (SessionContext) mi.getArguments()[0];
+ sessionId = context.getSessionId();
}
}
//tried the delegate. Use the injected session id if given
if (sessionId == null) sessionId = this.sessionId;
-
+
// If sessionId is null, only then try the Subject:
if (sessionId == null) {
try {
// HACK Check if can get the securityManager - this'll cause an exception if it's not set
SecurityUtils.getSecurityManager();
- if (sessionId == null && !sessionManagerMethodInvocation) {
+ if (!sessionManagerMethodInvocation) {
Subject subject = SecurityUtils.getSubject();
Session session = subject.getSession(false);
if (session != null) {
Modified: incubator/shiro/branches/session_manager_API_change/support/spring/src/test/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactoryTest.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/support/spring/src/test/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactoryTest.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/support/spring/src/test/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactoryTest.java (original)
+++ incubator/shiro/branches/session_manager_API_change/support/spring/src/test/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactoryTest.java Tue May 18 06:36:55 2010
@@ -19,8 +19,9 @@
package org.apache.shiro.spring.remoting;
import org.aopalliance.intercept.MethodInvocation;
+import org.apache.shiro.session.mgt.DefaultSessionContext;
+import org.apache.shiro.session.mgt.SessionContext;
import org.apache.shiro.session.mgt.SessionManager;
-import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ThreadContext;
import org.junit.After;
import org.junit.Before;
@@ -46,10 +47,6 @@ public class SecureRemoteInvocationFacto
ThreadContext.remove();
}
- protected void bind(Subject subject) {
- ThreadContext.bind(subject);
- }
-
@After
public void tearDown() {
ThreadContext.remove();
@@ -92,11 +89,13 @@ public class SecureRemoteInvocationFacto
SecureRemoteInvocationFactory factory = new SecureRemoteInvocationFactory();
MethodInvocation mi = createMock(MethodInvocation.class);
- Method method = getMethod("isValid", SessionManager.class);
+ Method method = getMethod("getSession", SessionManager.class);
expect(mi.getMethod()).andReturn(method).anyTimes();
String dummySessionId = UUID.randomUUID().toString();
- Object[] args = {dummySessionId};
+ SessionContext sessionContext = new DefaultSessionContext();
+ sessionContext.setSessionId(dummySessionId);
+ Object[] args = {sessionContext};
expect(mi.getArguments()).andReturn(args).anyTimes();
replay(mi);
Modified: incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/DefaultWebSecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/DefaultWebSecurityManager.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/DefaultWebSecurityManager.java (original)
+++ incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/DefaultWebSecurityManager.java Tue May 18 06:36:55 2010
@@ -20,17 +20,17 @@ package org.apache.shiro.web;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.Realm;
-import org.apache.shiro.session.InvalidSessionException;
-import org.apache.shiro.session.Session;
-import org.apache.shiro.session.mgt.DelegatingSession;
import org.apache.shiro.session.mgt.SessionContext;
+import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.SubjectContext;
import org.apache.shiro.util.LifecycleUtils;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSubjectFactory;
import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
-import org.apache.shiro.web.session.*;
+import org.apache.shiro.web.session.DefaultWebSessionContext;
+import org.apache.shiro.web.session.DefaultWebSessionManager;
+import org.apache.shiro.web.session.ServletContainerSessionManager;
import org.apache.shiro.web.subject.WebSubject;
import org.apache.shiro.web.subject.WebSubjectContext;
import org.apache.shiro.web.subject.support.DefaultWebSubjectContext;
@@ -39,7 +39,6 @@ import org.slf4j.LoggerFactory;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
-import java.io.Serializable;
import java.util.Collection;
@@ -116,7 +115,7 @@ public class DefaultWebSecurityManager e
this.sessionMode = mode;
if (recreate) {
LifecycleUtils.destroy(getSessionManager());
- WebSessionManager sessionManager = createSessionManager(mode);
+ SessionManager sessionManager = createSessionManager(mode);
setSessionManager(sessionManager);
}
}
@@ -128,7 +127,7 @@ public class DefaultWebSecurityManager e
return this.sessionMode == null || this.sessionMode.equals(HTTP_SESSION_MODE);
}
- protected WebSessionManager createSessionManager(String sessionMode) {
+ protected SessionManager createSessionManager(String sessionMode) {
if (sessionMode == null || sessionMode.equalsIgnoreCase(HTTP_SESSION_MODE)) {
if (log.isInfoEnabled()) {
log.info(HTTP_SESSION_MODE + " mode - enabling ServletContainerSessionManager (HTTP-only Sessions)");
@@ -143,50 +142,13 @@ public class DefaultWebSecurityManager e
}
@Override
- protected Session resolveContextSession(SubjectContext context) throws InvalidSessionException {
- Session session = null;
- if (context instanceof WebSubjectContext) {
- WebSubjectContext wsc = (WebSubjectContext) context;
- ServletRequest request = wsc.resolveServletRequest();
- ServletResponse response = wsc.resolveServletResponse();
- if (request != null && response != null) {
- session = ((WebSessionManager) getSessionManager()).getSession(request, response);
- }
- } else {
- session = super.resolveContextSession(context);
- }
-
- if (session != null && !isHttpSessionMode()) {
- //don't expose the EIS-tier session instance to the SubjectFactory
- session = new DelegatingSession(this, session.getId());
- }
-
- return session;
- }
-
- @Override
- protected Serializable getSessionId(SubjectContext subjectContext) {
- Serializable sessionId = super.getSessionId(subjectContext);
- if (sessionId == null && subjectContext instanceof WebSubjectContext) {
- WebSubjectContext wsc = (WebSubjectContext) subjectContext;
- ServletRequest request = wsc.resolveServletRequest();
- ServletResponse response = wsc.resolveServletResponse();
- if (request != null && response != null) {
- sessionId = ((WebSessionManager) getSessionManager()).getSessionId(request, response);
- }
- }
-
- return sessionId;
- }
-
- @Override
protected SessionContext createSessionContext(SubjectContext subjectContext) {
SessionContext sessionContext = super.createSessionContext(subjectContext);
if (subjectContext instanceof WebSubjectContext) {
WebSubjectContext wsc = (WebSubjectContext) subjectContext;
ServletRequest request = wsc.resolveServletRequest();
ServletResponse response = wsc.resolveServletResponse();
- WebSessionContext webSessionContext = new DefaultWebSessionContext(sessionContext);
+ DefaultWebSessionContext webSessionContext = new DefaultWebSessionContext(sessionContext);
if (request != null) {
webSessionContext.setServletRequest(request);
}
Modified: incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/WebUtils.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/WebUtils.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/WebUtils.java (original)
+++ incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/WebUtils.java Tue May 18 06:36:55 2010
@@ -20,6 +20,7 @@ package org.apache.shiro.web;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.Session;
+import org.apache.shiro.session.mgt.SessionContext;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.SubjectContext;
import org.apache.shiro.util.StringUtils;
@@ -27,6 +28,7 @@ import org.apache.shiro.util.ThreadConte
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.subject.WebSubject;
import org.apache.shiro.web.subject.WebSubjectContext;
+import org.apache.shiro.web.util.RequestPairSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -57,14 +59,6 @@ public class WebUtils {
private static final Logger log = LoggerFactory.getLogger(WebUtils.class);
-
- /**
- * Message displayed when a servlet request or response is not bound to the current thread context when expected.
- */
- private static final String NOT_BOUND_ERROR_MESSAGE =
- "Make sure WebUtils.bind() is being called. (typically called by AbstractShiroFilter) " +
- "This could also happen when running integration tests that don't properly call WebUtils.bind().";
-
public static final String SERVLET_REQUEST_KEY = ServletRequest.class.getName() + "_SHIRO_THREAD_CONTEXT_KEY";
public static final String SERVLET_RESPONSE_KEY = ServletResponse.class.getName() + "_SHIRO_THREAD_CONTEXT_KEY";
@@ -74,7 +68,6 @@ public class WebUtils {
*/
public static final String SAVED_REQUEST_KEY = "shiroSavedRequest";
-
/**
* Standard Servlet 2.3+ spec request attributes for include URI and paths.
* <p>If included via a RequestDispatcher, the current resource will see the
@@ -248,16 +241,161 @@ public class WebUtils {
* @since 1.0
*/
public static boolean isHttp(SubjectContext context) {
- if (context instanceof WebSubjectContext) {
- WebSubjectContext wsc = (WebSubjectContext) context;
- ServletRequest request = wsc.resolveServletRequest();
- ServletResponse response = wsc.resolveServletResponse();
- return request != null && request instanceof HttpServletRequest &&
- response != null && response instanceof HttpServletResponse;
+ return context instanceof RequestPairSource && isHttp((RequestPairSource) context);
+ }
+
+ public static boolean isHttp(Subject subject) {
+ return subject instanceof RequestPairSource && isHttp((RequestPairSource) subject);
+ }
+
+ public static boolean isHttp(SessionContext context) {
+ return context instanceof RequestPairSource && isHttp((RequestPairSource) context);
+ }
+
+ public static boolean isWeb(Subject subject) {
+ return subject instanceof RequestPairSource && isWeb((RequestPairSource) subject);
+ }
+
+ public static boolean isWeb(SubjectContext context) {
+ return context instanceof RequestPairSource && isWeb((RequestPairSource) context);
+ }
+
+ public static boolean isWeb(SessionContext context) {
+ return context instanceof RequestPairSource && isWeb((RequestPairSource) context);
+ }
+
+ private static boolean isWeb(RequestPairSource source) {
+ ServletRequest request = source.getServletRequest();
+ ServletResponse response = source.getServletResponse();
+ return request != null && response != null;
+ }
+
+ private static boolean isHttp(RequestPairSource source) {
+ ServletRequest request = source.getServletRequest();
+ ServletResponse response = source.getServletResponse();
+ return request instanceof HttpServletRequest && response instanceof HttpServletResponse;
+ }
+
+ public static ServletRequest getRequest(Subject subject) {
+ if (subject instanceof RequestPairSource) {
+ return ((RequestPairSource) subject).getServletRequest();
}
- return false;
+ return null;
+ }
+
+ public static ServletResponse getResponse(Subject subject) {
+ if (subject instanceof RequestPairSource) {
+ return ((RequestPairSource) subject).getServletResponse();
+ }
+ return null;
+ }
+
+ public static HttpServletRequest getHttpRequest(Subject subject) {
+ ServletRequest request = getRequest(subject);
+ if (request instanceof HttpServletRequest) {
+ return toHttp(request);
+ }
+ return null;
+ }
+
+ public static HttpServletResponse getHttpResponse(Subject subject) {
+ ServletResponse response = getResponse(subject);
+ if (response instanceof HttpServletResponse) {
+ return toHttp(response);
+ }
+ return null;
}
+ public static ServletRequest getRequest(SubjectContext context) {
+ if (context instanceof RequestPairSource) {
+ return ((RequestPairSource) context).getServletRequest();
+ }
+ return null;
+ }
+
+ public static ServletResponse getResponse(SubjectContext context) {
+ if (context instanceof RequestPairSource) {
+ return ((RequestPairSource) context).getServletResponse();
+ }
+ return null;
+ }
+
+ public static HttpServletRequest getHttpRequest(SubjectContext context) {
+ ServletRequest request = getRequest(context);
+ if (request instanceof HttpServletRequest) {
+ return toHttp(request);
+ }
+ return null;
+ }
+
+ public static HttpServletResponse getHttpResponse(SubjectContext context) {
+ ServletResponse response = getResponse(context);
+ if (response instanceof HttpServletResponse) {
+ return toHttp(response);
+ }
+ return null;
+ }
+
+ public static ServletRequest getRequest(SessionContext context) {
+ if (context instanceof RequestPairSource) {
+ return ((RequestPairSource) context).getServletRequest();
+ }
+ return null;
+ }
+
+ public static ServletResponse getResponse(SessionContext context) {
+ if (context instanceof RequestPairSource) {
+ return ((RequestPairSource) context).getServletResponse();
+ }
+ return null;
+ }
+
+ public static HttpServletRequest getHttpRequest(SessionContext context) {
+ ServletRequest request = getRequest(context);
+ if (request instanceof HttpServletRequest) {
+ return toHttp(request);
+ }
+ return null;
+ }
+
+ public static HttpServletResponse getHttpResponse(SessionContext context) {
+ ServletResponse response = getResponse(context);
+ if (response instanceof HttpServletResponse) {
+ return toHttp(response);
+ }
+ return null;
+ }
+
+ /*public static ServletRequest getRequest(SubjectContext context) {
+ if (!(context instanceof RequestPairSource)) {
+ String msg = "Subject instance is not web-based instance. " +
+ "This is required to obtain a ServletRequest and ServletResponse";
+ throw new IllegalArgumentException(msg);
+ }
+ WebSubjectContext wsc = (WebSubjectContext) context;
+ ServletRequest request = wsc.getServletRequest();
+ if (request == null) {
+ String msg = "WebSubjectContext's ServletRequest is null.";
+ throw new IllegalArgumentException(msg);
+ }
+ return request;
+ }
+
+ public static ServletResponse getResponse(SubjectContext context) {
+ if (!(context instanceof WebSubjectContext)) {
+ String msg = "SubjectContext instance is not a " + WebSubjectContext.class.getName() + " instance. " +
+ "This is required to obtain a ServletRequest and ServletResponse";
+ throw new IllegalArgumentException(msg);
+ }
+ WebSubjectContext wsc = (WebSubjectContext) context;
+ ServletResponse response = wsc.getServletResponse();
+ if (response == null) {
+ String msg = "WebSubjectContext's ServletResponse is null.";
+ throw new IllegalArgumentException(msg);
+ }
+ return response;
+ }*/
+
/**
* Returns {@code true} IFF the specified {@code Subject}:
* <ol>
@@ -271,7 +409,7 @@ public class WebUtils {
* @return {@code true} IFF the specified subject has HTTP request/response objects, {@code false} otherwise.
* @since 1.0
*/
- public static boolean isHttp(Subject subject) {
+ /*public static boolean isHttp(Subject subject) {
if (subject instanceof WebSubject) {
WebSubject ws = (WebSubject) subject;
ServletRequest request = ws.getServletRequest();
@@ -280,7 +418,7 @@ public class WebUtils {
response != null && response instanceof HttpServletResponse;
}
return false;
- }
+ }*/
/**
* Returns the {@code Subject}'s associated {@link HttpServletRequest} instance. This method will
@@ -295,7 +433,7 @@ public class WebUtils {
* request is not an {@link HttpServletRequest}.
* @since 1.0
*/
- public static HttpServletRequest getHttpRequest(Subject subject) throws IllegalArgumentException {
+ /*public static HttpServletRequest getHttpRequest(Subject subject) throws IllegalArgumentException {
if (!(subject instanceof WebSubject)) {
String msg = "Subject instance is not a " + WebSubject.class.getName() + " instance. This is required " +
"to obtain a ServletRequest and ServletResponse";
@@ -308,7 +446,7 @@ public class WebUtils {
throw new IllegalArgumentException(msg);
}
return (HttpServletRequest) request;
- }
+ }*/
/**
* Returns the {@code Subject}'s associated {@link HttpServletResponse} instance. This method will
@@ -323,7 +461,7 @@ public class WebUtils {
* response is not an {@link HttpServletResponse}.
* @since 1.0
*/
- public static HttpServletResponse getHttpResponse(Subject subject) {
+ /*public static HttpServletResponse getHttpResponse(Subject subject) {
if (!(subject instanceof WebSubject)) {
String msg = "Subject instance is not a " + WebSubject.class.getName() + " instance. This is required " +
"to obtain a ServletRequest and ServletResponse";
@@ -336,7 +474,7 @@ public class WebUtils {
throw new IllegalArgumentException(msg);
}
return (HttpServletResponse) response;
- }
+ }*/
/**
* Returns the {@code SubjectContext}'s {@link HttpServletRequest} instance. This method will
@@ -351,7 +489,7 @@ public class WebUtils {
* {@code WebSubjectContext}'s request is not an {@link HttpServletRequest}.
* @since 1.0
*/
- public static HttpServletRequest getHttpRequest(SubjectContext context) {
+ /*public static HttpServletRequest getHttpRequest(SubjectContext context) {
if (!(context instanceof WebSubjectContext)) {
String msg = "SubjectContext instance is not a " + WebSubjectContext.class.getName() + " instance. " +
"This is required to obtain a ServletRequest and ServletResponse";
@@ -364,7 +502,7 @@ public class WebUtils {
throw new IllegalArgumentException(msg);
}
return (HttpServletRequest) request;
- }
+ }*/
/**
* Returns the {@code SubjectContext}'s {@link HttpServletResponse} instance. This method will
@@ -379,7 +517,7 @@ public class WebUtils {
* {@code WebSubjectContext}'s response is not an {@link HttpServletResponse}.
* @since 1.0
*/
- public static HttpServletResponse getHttpResponse(SubjectContext context) {
+ /*public static HttpServletResponse getHttpResponse(SubjectContext context) {
if (!(context instanceof WebSubjectContext)) {
String msg = "SubjectContext instance is not a " + WebSubjectContext.class.getName() + " instance. " +
"This is required to obtain a ServletRequest and ServletResponse";
@@ -392,7 +530,7 @@ public class WebUtils {
throw new IllegalArgumentException(msg);
}
return (HttpServletResponse) response;
- }
+ }*/
/**
* A convenience method that merely casts the incoming <code>ServletRequest</code> to an
Modified: incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/session/DefaultWebSessionManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/session/DefaultWebSessionManager.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/session/DefaultWebSessionManager.java (original)
+++ incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/session/DefaultWebSessionManager.java Tue May 18 06:36:55 2010
@@ -18,9 +18,10 @@
*/
package org.apache.shiro.web.session;
+import org.apache.shiro.session.InvalidSessionException;
import org.apache.shiro.session.Session;
-import org.apache.shiro.session.SessionException;
import org.apache.shiro.session.mgt.DefaultSessionManager;
+import org.apache.shiro.session.mgt.SessionContext;
import org.apache.shiro.web.WebUtils;
import org.apache.shiro.web.servlet.Cookie;
import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
@@ -32,6 +33,7 @@ import org.slf4j.LoggerFactory;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import java.io.Serializable;
@@ -41,7 +43,7 @@ import java.io.Serializable;
* @author Les Hazlewood
* @since 0.9
*/
-public class DefaultWebSessionManager extends DefaultSessionManager implements WebSessionManager {
+public class DefaultWebSessionManager extends DefaultSessionManager {
//TODO - complete JavaDoc
@@ -75,20 +77,16 @@ public class DefaultWebSessionManager ex
this.sessionIdCookieEnabled = sessionIdCookieEnabled;
}
- private void storeSessionId(Serializable currentId, ServletRequest request, ServletResponse response) {
+ private void storeSessionId(Serializable currentId, HttpServletRequest request, HttpServletResponse response) {
if (currentId == null) {
String msg = "sessionId cannot be null when persisting for subsequent requests.";
throw new IllegalArgumentException(msg);
}
- if (!(request instanceof HttpServletRequest)) {
- log.debug("Current request is not an HttpServletRequest - cannot save session id cookie. Returning.");
- return;
- }
Cookie template = getSessionIdCookie();
Cookie cookie = new SimpleCookie(template);
String idString = currentId.toString();
cookie.setValue(idString);
- cookie.saveTo(WebUtils.toHttp(request), WebUtils.toHttp(response));
+ cookie.saveTo(request, response);
log.trace("Set session ID cookie for session with id {}", idString);
}
@@ -100,8 +98,8 @@ public class DefaultWebSessionManager ex
request.removeAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_IS_VALID);
}
- private void removeSessionIdCookie(ServletRequest request, ServletResponse response) {
- getSessionIdCookie().removeFrom(WebUtils.toHttp(request), WebUtils.toHttp(response));
+ private void removeSessionIdCookie(HttpServletRequest request, HttpServletResponse response) {
+ getSessionIdCookie().removeFrom(request, response);
}
private String getSessionIdCookieValue(ServletRequest request, ServletResponse response) {
@@ -150,67 +148,59 @@ public class DefaultWebSessionManager ex
* @param session the session that was just {@link #createSession created}.
*/
@Override
- protected void onStart(Session session) {
- ServletRequest request = WebUtils.getServletRequest();
- ServletResponse response = WebUtils.getServletResponse();
- if (request == null || response == null) {
- log.debug("Request or response object is not bound to the thread. Assuming this session start " +
- "activity is due to a non web request (possible in a web application that also services " +
- "non web clients.");
+ protected void onStart(Session session, SessionContext context) {
+ if (!WebUtils.isHttp(context)) {
+ log.debug("SubjectContext argument is not HTTP compatible or does not have a request/response " +
+ "pair. Assuming this session start activity is due to a non web request (possible in a web " +
+ "application that also services non web clients.");
return;
+
}
+ HttpServletRequest request = WebUtils.getHttpRequest(context);
+ HttpServletResponse response = WebUtils.getHttpResponse(context);
+
if (isSessionIdCookieEnabled()) {
Serializable sessionId = session.getId();
storeSessionId(sessionId, request, response);
} else {
- log.debug("Session ID cookie is disabled. No cookie has been set for new session with id {}",
- session.getId());
+ log.debug("Session ID cookie is disabled. No cookie has been set for new session with id {}", session.getId());
}
request.removeAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE);
request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_IS_NEW, Boolean.TRUE);
}
- public Session getSession(ServletRequest request, ServletResponse response) throws SessionException {
- Serializable id = getReferencedSessionId(request, response);
- Session session = null;
- if ( id != null ) {
- session = getSession(id);
+ @Override
+ public Serializable getSessionId(SessionContext context) {
+ Serializable id = super.getSessionId(context);
+ if (id == null && WebUtils.isWeb(context)) {
+ ServletRequest request = WebUtils.getRequest(context);
+ ServletResponse response = WebUtils.getResponse(context);
+ id = getSessionId(request, response);
}
- return session;
+ return id;
}
- public Serializable getSessionId(ServletRequest request, ServletResponse response) {
+ protected Serializable getSessionId(ServletRequest request, ServletResponse response) {
return getReferencedSessionId(request, response);
}
- @Override
- public void onUnknownSession(Serializable sessionId) {
- ServletRequest request = WebUtils.getServletRequest();
+ protected void onInvalidSession(SessionContext context, Serializable sessionId, InvalidSessionException ise) {
+ ServletRequest request = WebUtils.getRequest(context);
if (request != null) {
markSessionIdInvalid(request);
}
- removeSessionIdCookie();
+ if (WebUtils.isHttp(context)) {
+ removeSessionIdCookie(WebUtils.getHttpRequest(context), WebUtils.getHttpResponse(context));
+ }
}
protected void onStop(Session session) {
super.onStop(session);
- removeSessionIdCookie();
- }
-
- protected void onExpiration(Session session) {
- super.onExpiration(session);
- removeSessionIdCookie();
- }
-
- private void removeSessionIdCookie() {
ServletRequest request = WebUtils.getServletRequest();
ServletResponse response = WebUtils.getServletResponse();
- if (request == null || response == null) {
- log.debug("No request or response bound to the thread. Session ID cookie cannot be removed. This could " +
- "occur in a web application that also services non web clients (e.g. RMI remoting).");
- return;
+ if (request instanceof HttpServletRequest && response instanceof HttpServletResponse) {
+ removeSessionIdCookie(WebUtils.toHttp(request), WebUtils.toHttp(response));
}
- removeSessionIdCookie(request, response);
}
}
Modified: incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/session/ServletContainerSessionManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/session/ServletContainerSessionManager.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/session/ServletContainerSessionManager.java (original)
+++ incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/session/ServletContainerSessionManager.java Tue May 18 06:36:55 2010
@@ -19,16 +19,15 @@
package org.apache.shiro.web.session;
import org.apache.shiro.authz.AuthorizationException;
-import org.apache.shiro.session.InvalidSessionException;
import org.apache.shiro.session.Session;
+import org.apache.shiro.session.SessionException;
import org.apache.shiro.session.mgt.AbstractSessionManager;
import org.apache.shiro.session.mgt.SessionContext;
+import org.apache.shiro.web.WebUtils;
import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
-import java.io.Serializable;
/**
@@ -51,7 +50,7 @@ import java.io.Serializable;
* @author Les Hazlewood
* @since 0.9
*/
-public class ServletContainerSessionManager extends AbstractSessionManager implements WebSessionManager {
+public class ServletContainerSessionManager extends AbstractSessionManager {
//TODO - complete JavaDoc
@@ -60,92 +59,61 @@ public class ServletContainerSessionMana
public ServletContainerSessionManager() {
}
- @Override
- public Session start(SessionContext initData) throws AuthorizationException {
- return createSession(initData);
+ public Session start(SessionContext context) throws AuthorizationException {
+ return createSession(context);
}
- /**
- * This method exists only to satisfy the parent's abstract method signature. It should never be called since
- * there is no way to obtain a Session instance from a Servlet Container by id (in a system independent
- * manner).
- * <p/>
- * This method will always throw an exception if called since the
- * {@link #getSession(javax.servlet.ServletRequest, javax.servlet.ServletResponse)} method should be used in all
- * cases instead.
- *
- * @param sessionId
- * @return
- * @throws InvalidSessionException
- */
- protected Session doGetSession(Serializable sessionId) throws InvalidSessionException {
- //Ignore session id since there is no way to acquire a session based on an id in a servlet container
- //(that is implementation agnostic)
- String msg = "Cannot retrieve sessions by ID when Sessions are managed by the Servlet Container. This " +
- "feature is available for Shiro 'native' session SessionManager implementations only.";
- throw new IllegalStateException(msg);
- /*ServletRequest request = WebUtils.getServletRequest();
- ServletResponse response = WebUtils.getServletResponse();
- if (request == null) {
- String msg = "Thread-bound ServletRequest cannot be null in ServletContainer-managed Session environments.";
- throw new IllegalStateException(msg);
+ public Session getSession(SessionContext sessionContext) throws SessionException {
+ if (!WebUtils.isHttp(sessionContext)) {
+ String msg = "SessionContext must be an HTTP compatible implementation.";
+ throw new IllegalArgumentException(msg);
}
- return getSession(request, response);*/
- }
- /**
- * @since 1.0
- */
- public Session getSession(ServletRequest request, ServletResponse response) {
+ HttpServletRequest request = WebUtils.getHttpRequest(sessionContext);
+
Session session = null;
- HttpSession httpSession = ((HttpServletRequest) request).getSession(false);
+
+ HttpSession httpSession = request.getSession(false);
if (httpSession != null) {
- session = createSession(httpSession, request.getRemoteHost());
+ String host = getHost(sessionContext);
+ session = createSession(httpSession, host);
}
+
return session;
}
- /**
- * @since 1.0
- */
- public Serializable getSessionId(ServletRequest request, ServletResponse response) {
- HttpSession httpSession = ((HttpServletRequest) request).getSession(false);
- return httpSession != null ? httpSession.getId() : null;
+ private String getHost(SessionContext context) {
+ String host = context.getHost();
+ if (host == null) {
+ ServletRequest request = WebUtils.getRequest(context);
+ if (request != null) {
+ host = request.getRemoteHost();
+ }
+ }
+ return host;
+
}
/**
* @since 1.0
*/
protected Session createSession(SessionContext sessionContext) throws AuthorizationException {
- if (!(sessionContext instanceof WebSessionContext)) {
- String msg = "SessionContext must be a " + WebSessionContext.class.getName() + " instance.";
+ if (!WebUtils.isHttp(sessionContext)) {
+ String msg = "SessionContext must be an HTTP compatible implementation.";
throw new IllegalArgumentException(msg);
}
- WebSessionContext wsc = (WebSessionContext) sessionContext;
+ HttpServletRequest request = WebUtils.getHttpRequest(sessionContext);
- ServletRequest request = wsc.getServletRequest();
- if (request == null) {
- String msg = "WebSessionContext must contain a ServletRequest.";
- throw new IllegalStateException(msg);
- }
- ServletResponse response = wsc.getServletResponse();
- if (response == null) {
- String msg = "WebSessionContext must contain a ServletResponse.";
- throw new IllegalStateException(msg);
- }
-
- HttpSession httpSession = ((HttpServletRequest) request).getSession();
+ HttpSession httpSession = request.getSession();
//ensure that the httpSession timeout reflects what is configured:
long timeoutMillis = getGlobalSessionTimeout();
httpSession.setMaxInactiveInterval((int) (timeoutMillis / MILLIS_PER_SECOND));
- String originatingHost = wsc.getHost();
- if (originatingHost == null) {
- originatingHost = request.getRemoteHost();
- }
- return createSession(httpSession, originatingHost);
+ String host = getHost(sessionContext);
+
+ return createSession(httpSession, host);
}
protected Session createSession(HttpSession httpSession, String host) {
Modified: incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/session/WebSessionContext.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/session/WebSessionContext.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/session/WebSessionContext.java (original)
+++ incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/session/WebSessionContext.java Tue May 18 06:36:55 2010
@@ -19,6 +19,7 @@
package org.apache.shiro.web.session;
import org.apache.shiro.session.mgt.SessionContext;
+import org.apache.shiro.web.util.RequestPairSource;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
@@ -31,7 +32,7 @@ import javax.servlet.ServletResponse;
* @author Les Hazlewood
* @since 1.0
*/
-public interface WebSessionContext extends SessionContext {
+public interface WebSessionContext extends SessionContext, RequestPairSource {
/**
* Returns the {@code ServletRequest} received by the servlet container triggering the creation of the
Modified: incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/WebSubject.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/WebSubject.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/WebSubject.java (original)
+++ incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/WebSubject.java Tue May 18 06:36:55 2010
@@ -23,6 +23,7 @@ import org.apache.shiro.mgt.SecurityMana
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.SubjectContext;
import org.apache.shiro.web.subject.support.DefaultWebSubjectContext;
+import org.apache.shiro.web.util.RequestPairSource;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
@@ -33,7 +34,7 @@ import javax.servlet.ServletResponse;
*
* @since 1.0
*/
-public interface WebSubject extends Subject {
+public interface WebSubject extends Subject, RequestPairSource {
/**
* Returns the {@code ServletRequest} accessible when the Subject instance was created.
Modified: incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/WebSubjectContext.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/WebSubjectContext.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/WebSubjectContext.java (original)
+++ incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/WebSubjectContext.java Tue May 18 06:36:55 2010
@@ -19,6 +19,7 @@
package org.apache.shiro.web.subject;
import org.apache.shiro.subject.SubjectContext;
+import org.apache.shiro.web.util.RequestPairSource;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
@@ -30,7 +31,7 @@ import javax.servlet.ServletResponse;
* @author Les Hazlewood
* @since 1.0
*/
-public interface WebSubjectContext extends SubjectContext {
+public interface WebSubjectContext extends SubjectContext, RequestPairSource {
/**
* Returns the {@code ServletRequest} received by the servlet container triggering the creation of the
Modified: incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/support/DefaultWebSubjectContext.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/support/DefaultWebSubjectContext.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/support/DefaultWebSubjectContext.java (original)
+++ incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/support/DefaultWebSubjectContext.java Tue May 18 06:36:55 2010
@@ -20,7 +20,6 @@ package org.apache.shiro.web.subject.sup
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.support.DefaultSubjectContext;
-import org.apache.shiro.web.WebUtils;
import org.apache.shiro.web.subject.WebSubject;
import org.apache.shiro.web.subject.WebSubjectContext;
@@ -81,10 +80,6 @@ public class DefaultWebSubjectContext ex
request = ((WebSubject) existing).getServletRequest();
}
}
- //last resort - try the thread-local (TODO - remove this if possible):
- if (request == null) {
- request = WebUtils.getServletRequest();
- }
return request;
}
@@ -111,11 +106,6 @@ public class DefaultWebSubjectContext ex
}
}
- //last resort - try the thread-local (TODO - remove this if possible):
- if (response == null) {
- response = WebUtils.getServletResponse();
- }
-
return response;
}
}
Modified: incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/support/WebDelegatingSubject.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/support/WebDelegatingSubject.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/support/WebDelegatingSubject.java (original)
+++ incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/subject/support/WebDelegatingSubject.java Tue May 18 06:36:55 2010
@@ -30,7 +30,6 @@ import org.apache.shiro.web.subject.WebS
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
-import java.util.concurrent.Callable;
/**
* @since 1.0
@@ -70,14 +69,4 @@ public class WebDelegatingSubject extend
wsc.setServletResponse(this.servletResponse);
return wsc;
}
-
- @Override
- public <V> Callable<V> associateWith(Callable<V> callable) {
- return new WebSubjectCallable<V>(this, callable);
- }
-
- @Override
- public Runnable associateWith(Runnable runnable) {
- return new WebSubjectRunnable(this, runnable);
- }
}
Added: incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/util/RequestPairSource.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/util/RequestPairSource.java?rev=945518&view=auto
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/util/RequestPairSource.java (added)
+++ incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/util/RequestPairSource.java Tue May 18 06:36:55 2010
@@ -0,0 +1,30 @@
+/*
+ * Copyright 2008 Les Hazlewood
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.shiro.web.util;
+
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+
+/**
+ * @author Les Hazlewood
+ * @since 1.0
+ */
+public interface RequestPairSource {
+
+ ServletRequest getServletRequest();
+
+ ServletResponse getServletResponse();
+}
Modified: incubator/shiro/branches/session_manager_API_change/web/src/test/java/org/apache/shiro/web/AbstractWebSecurityManagerTest.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/web/src/test/java/org/apache/shiro/web/AbstractWebSecurityManagerTest.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/web/src/test/java/org/apache/shiro/web/AbstractWebSecurityManagerTest.java (original)
+++ incubator/shiro/branches/session_manager_API_change/web/src/test/java/org/apache/shiro/web/AbstractWebSecurityManagerTest.java Tue May 18 06:36:55 2010
@@ -18,16 +18,9 @@
*/
package org.apache.shiro.web;
-import org.apache.shiro.mgt.SecurityManager;
-import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ThreadContext;
-import org.apache.shiro.web.subject.WebSubject;
-import org.apache.shiro.web.subject.support.WebSubjectThreadState;
import org.junit.After;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-
/**
* @since 1.0
*/
@@ -37,13 +30,4 @@ public abstract class AbstractWebSecurit
public void tearDown() {
ThreadContext.remove();
}
-
- protected Subject newSubject(SecurityManager sm, ServletRequest request, ServletResponse response) {
- ThreadContext.bind(sm);
- WebSubject subject = new WebSubject.Builder(sm, request, response).buildWebSubject();
- WebSubjectThreadState threadState = new WebSubjectThreadState(subject);
- threadState.bind();
- return subject;
- }
-
}
Modified: incubator/shiro/branches/session_manager_API_change/web/src/test/java/org/apache/shiro/web/DefaultWebSecurityManagerTest.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/web/src/test/java/org/apache/shiro/web/DefaultWebSecurityManagerTest.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/web/src/test/java/org/apache/shiro/web/DefaultWebSecurityManagerTest.java (original)
+++ incubator/shiro/branches/session_manager_API_change/web/src/test/java/org/apache/shiro/web/DefaultWebSecurityManagerTest.java Tue May 18 06:36:55 2010
@@ -26,6 +26,7 @@ import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.AbstractSessionManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.servlet.ShiroHttpSession;
+import org.apache.shiro.web.subject.WebSubject;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
@@ -65,7 +66,7 @@ public class DefaultWebSecurityManagerTe
}
protected Subject newSubject(ServletRequest request, ServletResponse response) {
- return newSubject(sm, request, response);
+ return new WebSubject.Builder(sm, request, response).buildSubject();
}
@Test
Modified: incubator/shiro/branches/session_manager_API_change/web/src/test/java/org/apache/shiro/web/session/DefaultWebSessionManagerTest.java
URL: http://svn.apache.org/viewvc/incubator/shiro/branches/session_manager_API_change/web/src/test/java/org/apache/shiro/web/session/DefaultWebSessionManagerTest.java?rev=945518&r1=945517&r2=945518&view=diff
==============================================================================
--- incubator/shiro/branches/session_manager_API_change/web/src/test/java/org/apache/shiro/web/session/DefaultWebSessionManagerTest.java (original)
+++ incubator/shiro/branches/session_manager_API_change/web/src/test/java/org/apache/shiro/web/session/DefaultWebSessionManagerTest.java Tue May 18 06:36:55 2010
@@ -20,7 +20,6 @@ package org.apache.shiro.web.session;
import org.apache.shiro.session.mgt.SimpleSession;
import org.apache.shiro.util.ThreadContext;
-import org.apache.shiro.web.WebUtils;
import org.apache.shiro.web.servlet.Cookie;
import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
import org.apache.shiro.web.servlet.ShiroHttpSession;
@@ -57,8 +56,9 @@ public class DefaultWebSessionManagerTes
SimpleSession session = new SimpleSession();
session.setId("12345");
- WebUtils.bind(createMock(HttpServletRequest.class));
- WebUtils.bind(createMock(HttpServletResponse.class));
+ WebSessionContext wsc = new DefaultWebSessionContext();
+ wsc.setServletRequest(createMock(HttpServletRequest.class));
+ wsc.setServletResponse(createMock(HttpServletResponse.class));
//test that the cookie template is being used:
expect(cookie.getValue()).andReturn("blah");
@@ -73,7 +73,7 @@ public class DefaultWebSessionManagerTes
replay(cookie);
- mgr.onStart(session);
+ mgr.onStart(session, wsc);
verify(cookie);
}
@@ -91,12 +91,13 @@ public class DefaultWebSessionManagerTes
SimpleSession session = new SimpleSession();
session.setId("12345");
- WebUtils.bind(createMock(HttpServletRequest.class));
- WebUtils.bind(createMock(HttpServletResponse.class));
+ WebSessionContext wsc = new DefaultWebSessionContext();
+ wsc.setServletRequest(createMock(HttpServletRequest.class));
+ wsc.setServletResponse(createMock(HttpServletResponse.class));
replay(cookie);
- mgr.onStart(session);
+ mgr.onStart(session, wsc);
verify(cookie);
}