You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Les Hazlewood (JIRA)" <ji...@apache.org> on 2009/01/27 06:00:59 UTC
[jira] Resolved: (JSEC-20) Update JavaDoc for return type of
SecurityUtils.getSubject()
[ https://issues.apache.org/jira/browse/JSEC-20?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Les Hazlewood resolved JSEC-20.
-------------------------------
Resolution: Fixed
Assignee: Les Hazlewood
I've updated the JavaDoc as well as made the code throw an IllegalStateException in the event that the method can't find the (required) SecurityManager instance. This would be an invalid configuration since the caller of SecurityUtils.getSubject() should _always_ receive a Subject instance representing the currently executing subject, even if it is an anonymous Subject.
> Update JavaDoc for return type of SecurityUtils.getSubject()
> ------------------------------------------------------------
>
> Key: JSEC-20
> URL: https://issues.apache.org/jira/browse/JSEC-20
> Project: JSecurity
> Issue Type: Task
> Components: Documentation
> Affects Versions: 1.0
> Reporter: Grzegorz Borkowski
> Assignee: Les Hazlewood
> Priority: Trivial
> Fix For: 1.0
>
>
> From JavaDoc for SecurityUtils.getSubject() it is not clear what returns this method if nobody is logged in. Does it return null? or some default Subject? From Subject class documentation (getPrincipal method) I would expect that SecurityUtils.getSubject() returns some default Subject, but simple tests shows that it is not true - it returns null.
> So I would change it like this:
> @return the currently accessible <tt>Subject</tt> accessible to the calling code or null if .... (actually when?)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.