Home Verkennen Help
Registreren Inloggen
github
/
spring-security
spiegel van https://github.com/spring-projects/spring-security
2
0
Vork 0
Bestanden Issues 0 Wiki
Bladeren bron

HttpSessionIntegrationFilter no longer creates a HttpSession unnecessarily.

Ben Alex 20 jaren geleden
bovenliggende
aa575f7103
commit
cbe53e21b9
3 gewijzigde bestanden met toevoegingen van 6 en 5 verwijderingen
Zij-aan-zij weergave Toon Diff Stats
  1. 3 3
      core/src/main/java/org/acegisecurity/ui/webapp/HttpSessionIntegrationFilter.java
  2. 2 2
      core/src/test/java/org/acegisecurity/MockHttpServletRequest.java
  3. 1 0
      doc/xdocs/changes.xml

+ 3 - 3
core/src/main/java/org/acegisecurity/ui/webapp/HttpSessionIntegrationFilter.java
Bestand weergeven 

@@ -1,4 +1,4 @@
 
-/* Copyright 2004 Acegi Technology Pty Limited
 
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
@@ -94,7 +94,7 @@ public class HttpSessionIntegrationFilter extends AbstractIntegrationFilter {
 
         Authentication authentication) {
 
         if (request instanceof HttpServletRequest
 
             && ((HttpServletRequest) request).isRequestedSessionIdValid()) {
 
-            HttpSession httpSession = ((HttpServletRequest) request).getSession();
 
+            HttpSession httpSession = ((HttpServletRequest) request).getSession(false);
 
 
             if (httpSession != null) {
 
                 httpSession.setAttribute(ACEGI_SECURITY_AUTHENTICATION_KEY,
 
@@ -109,7 +109,7 @@ public class HttpSessionIntegrationFilter extends AbstractIntegrationFilter {
 
             HttpSession httpSession = null;
 
 
             try {
 
-                httpSession = ((HttpServletRequest) request).getSession();
 
+                httpSession = ((HttpServletRequest) request).getSession(false);
 
             } catch (IllegalStateException ignored) {}
 
 
             if (httpSession != null) {

+ 2 - 2
core/src/test/java/org/acegisecurity/MockHttpServletRequest.java
Bestand weergeven 

@@ -1,4 +1,4 @@
 
-/* Copyright 2004 Acegi Technology Pty Limited
 
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
@@ -314,7 +314,7 @@ public class MockHttpServletRequest implements HttpServletRequest {
 
     }
 
 
     public HttpSession getSession(boolean arg0) {
 
-        throw new UnsupportedOperationException("mock method not implemented");
 
+        return this.session;
 
     }
 
 
     public HttpSession getSession() {

+ 1 - 0
doc/xdocs/changes.xml
Bestand weergeven 

@@ -32,6 +32,7 @@
 
       <action dev="benalex" type="update">Improved Tapestry support in AbstractProcessingFilter</action>
 
       <action dev="benalex" type="update">User now accepted blank passwords (null passwords still rejected)</action>
 
       <action dev="benalex" type="update">ContextHolderAwareRequestWrapper now provides a getUserPrincipal() method</action>
 
+      <action dev="benalex" type="update">HttpSessionIntegrationFilter no longer creates a HttpSession unnecessarily</action>
 
       <action dev="benalex" type="fix">Contacts sample web.xml no longer expect Log4j to be in classpath</action>
 
       <action dev="raykrueger" type="update">JaasAuthenticatinProvider now uses System.property "java.security.auth.login.config"</action>
 
       <action dev="raykrueger" type="update">JaasAuthenticationCallbackHandler Authentication is passed to handle method setAuthenticatoin removed</action>