Acasă Explorează Ajutor
Înregistrare Autentificare
github
/
spring-security
oglindă de https://github.com/spring-projects/spring-security
2
0
Bifurcare 0
Fisiere Probleme 0 Wiki
Răsfoiți Sursa

SEC-2574: Polish

Handle null DelegatingApplicationListener
Rob Winch 10 ani în urmă
părinte
5810681b06
comite
05882b5f24
1 a modificat fișierele cu 16 adăugiri și 5 ștergeri
Vizualizare divizată Arată Statisticile Diff
  1. 16 5
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java

+ 16 - 5
config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java
Vizualizați fișierul 

@@ -23,13 +23,14 @@ import javax.servlet.http.HttpServletResponse;
 
 import javax.servlet.http.HttpSession;
 
 
 import org.springframework.context.ApplicationContext;
 
+import org.springframework.context.ApplicationListener;
 
 import org.springframework.context.event.GenericApplicationListenerAdapter;
 
 import org.springframework.context.event.SmartApplicationListener;
 
 import org.springframework.security.authentication.AuthenticationTrustResolver;
 
 import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 
-import org.springframework.security.context.DelegatingApplicationListener;
 
 import org.springframework.security.config.http.SessionCreationPolicy;
 
+import org.springframework.security.context.DelegatingApplicationListener;
 
 import org.springframework.security.core.session.SessionRegistry;
 
 import org.springframework.security.core.session.SessionRegistryImpl;
 
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
 
@@ -474,15 +475,25 @@ public final class SessionManagementConfigurer<H extends HttpSecurityBuilder<H>>
 
     private SessionRegistry getSessionRegistry(H http) {
 
         if(sessionRegistry == null) {
 
             SessionRegistryImpl sessionRegistry = new SessionRegistryImpl();
 
-            ApplicationContext context = http.getSharedObject(ApplicationContext.class);
 
-            DelegatingApplicationListener delegating = context.getBean(DelegatingApplicationListener.class);
 
-            SmartApplicationListener smartListener = new GenericApplicationListenerAdapter(sessionRegistry);
 
-            delegating.addListener(smartListener);
 
+            registerDelegateApplicationListener(http, sessionRegistry);
 
             this.sessionRegistry = sessionRegistry;
 
         }
 
         return sessionRegistry;
 
     }
 
 
+    private void registerDelegateApplicationListener(H http, ApplicationListener<?> delegate) {
 
+        ApplicationContext context = http.getSharedObject(ApplicationContext.class);
 
+        if(context == null) {
 
+            return;
 
+        }
 
+        if(context.getBeansOfType(DelegatingApplicationListener.class).isEmpty()) {
 
+            return;
 
+        }
 
+        DelegatingApplicationListener delegating = context.getBean(DelegatingApplicationListener.class);
 
+        SmartApplicationListener smartListener = new GenericApplicationListenerAdapter(delegate);
 
+        delegating.addListener(smartListener);
 
+    }
 
+
 
     /**
 
      * Returns true if the number of concurrent sessions per user should be restricted.
 
      * @return