Fixed bug where session.stop did not always delegate to the security manager (the delegation is required so that the security manager can clear out a cookie in web environments)
git-svn-id: https://svn.apache.org/repos/asf/incubator/jsecurity/trunk@766185 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/core/src/main/java/org/apache/ki/subject/DelegatingSubject.java b/core/src/main/java/org/apache/ki/subject/DelegatingSubject.java
index 20653c2..eed3533 100644
--- a/core/src/main/java/org/apache/ki/subject/DelegatingSubject.java
+++ b/core/src/main/java/org/apache/ki/subject/DelegatingSubject.java
@@ -107,10 +107,25 @@
this.inetAddress = getLocalHost();
}
if (session != null) {
- this.session = new StoppingAwareProxiedSession(session, this);
+ this.session = decorate(session);
}
}
+ protected Session decorate(Session session) {
+ if (session == null) {
+ throw new IllegalArgumentException("session cannot be null");
+ }
+ return decorateSession(session.getId());
+ }
+
+ protected Session decorateSession(Serializable sessionId) {
+ if (sessionId == null) {
+ throw new IllegalArgumentException("sessionId cannot be null");
+ }
+ DelegatingSession target = new DelegatingSession(getSecurityManager(), sessionId);
+ return new StoppingAwareProxiedSession(target, this);
+ }
+
public SecurityManager getSecurityManager() {
return securityManager;
}
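Review bot: `decorate` and `decorateSession` are `protected` and non-final, yet `decorate(session)` is called from what appears to be the constructor (the enclosing block starts outside the hunk), so a subclass override would run before the subclass's own fields are initialised. `decorateSession` also reads `getSecurityManager()`, so it relies on `securityManager` having been assigned earlier in that block, which is not visible here; if it were still null, the new `DelegatingSession` presumably could not forward `stop()`, and the cookie clean-up this commit targets would be skipped. Consider making both helpers `private` or `final`. Both also lack Javadoc saying that the passed-in Session is discarded and replaced by an id-based proxy, e.g. `/** Wraps the session with the given id so that stop() is delegated to the SecurityManager. */`.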
@@ -129,9 +144,7 @@
return this.inetAddress;
}
- /**
- * @see Subject#getPrincipal()
- */
+ /** @see Subject#getPrincipal() */
public Object getPrincipal() {
PrincipalCollection principals = getPrincipals();
if (principals == null || principals.isEmpty()) {
@@ -201,8 +214,7 @@
}
public void checkPermissions(String... permissions)
- throws AuthorizationException
- {
+ throws AuthorizationException {
assertAuthzCheckPossible();
securityManager.checkPermissions(getPrincipals(), permissions);
}
@@ -252,11 +264,7 @@
this.principals = principals;
Session session = subject.getSession(false);
if (session != null) {
- if (session instanceof StoppingAwareProxiedSession) {
- this.session = session;
- } else {
- this.session = new StoppingAwareProxiedSession(session, this);
- }
+ this.session = decorate(session);
} else {
this.session = null;
}
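Review bot: The reason for dropping the `instanceof StoppingAwareProxiedSession` shortcut is not recorded at the call site, so a later clean-up could reintroduce the reuse of an existing proxy. A comment above `this.session = decorate(session);` such as `// always rebuild from the session id so stop() is delegated to the SecurityManager` would keep the intent stated in the commit message next to the code. Note also that `decorate` throws IllegalArgumentException when `session.getId()` is null, whereas the removed branch never read the id; if that can happen for a session returned by `subject.getSession(false)`, the failure now surfaces here. The enclosing block begins and ends outside the hunk.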
@@ -288,8 +296,7 @@
log.trace("starting session for address [" + getInetAddress() + "]");
}
Serializable sessionId = this.securityManager.start(getInetAddress());
- Session target = new DelegatingSession(this.securityManager, sessionId);
- this.session = new StoppingAwareProxiedSession(target, this);
+ this.session = decorateSession(sessionId);
}
return this.session;
}
diff --git a/web/src/main/java/org/apache/ki/web/DefaultWebSecurityManager.java b/web/src/main/java/org/apache/ki/web/DefaultWebSecurityManager.java
index 650406e..2899aec 100644
--- a/web/src/main/java/org/apache/ki/web/DefaultWebSecurityManager.java
+++ b/web/src/main/java/org/apache/ki/web/DefaultWebSecurityManager.java
@@ -182,7 +182,6 @@
super.beforeLogout(subjectIdentifier);
//also ensure a request attribute is set so the Subject is not reacquired later during the request:
removeRequestIdentity();
-
}
protected void removeRequestIdentity() {