You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by st...@apache.org on 2018/10/11 13:17:19 UTC
svn commit: r1843549 - in /jackrabbit/oak/trunk:
oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/
oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/
Author: stillalex
Date: Thu Oct 11 13:17:19 2018
New Revision: 1843549
URL: http://svn.apache.org/viewvc?rev=1843549&view=rev
Log:
OAK-7822 More aggressive internal state cleanup of login modules
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java?rev=1843549&r1=1843548&r2=1843549&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java Thu Oct 11 13:17:19 2018
@@ -153,6 +153,7 @@ public final class TokenLoginModule exte
if (tokenCredentials != null && userId != null) {
Set<? extends Principal> principals = (principal != null) ? getPrincipals(principal) : getPrincipals(userId);
updateSubject(tokenCredentials, getAuthInfo(tokenInfo, principals), principals);
+ clearState();
return true;
}
try{
@@ -206,6 +207,7 @@ public final class TokenLoginModule exte
tokenCredentials = null;
tokenInfo = null;
userId = null;
+ tokenProvider = null;
}
//------------------------------------------------------------< private >---
@@ -245,7 +247,7 @@ public final class TokenLoginModule exte
* @return The {@code AuthInfo} resulting from the successful login.
*/
@Nullable
- private AuthInfo getAuthInfo(@Nullable TokenInfo tokenInfo, @NotNull Set<? extends Principal> principals) {
+ private static AuthInfo getAuthInfo(@Nullable TokenInfo tokenInfo, @NotNull Set<? extends Principal> principals) {
if (tokenInfo != null) {
Map<String, Object> attributes = new HashMap<String, Object>();
Map<String, String> publicAttributes = tokenInfo.getPublicAttributes();
Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java?rev=1843549&r1=1843548&r2=1843549&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java (original)
+++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java Thu Oct 11 13:17:19 2018
@@ -219,6 +219,7 @@ public abstract class AbstractLoginModul
} catch (IOException e) {
log.debug(e.getMessage());
}
+ systemSession = null;
}
}