cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [1/4] git commit: Cleanup of some of the Tomcat session stuff
Date Sun, 05 Oct 2014 21:40:46 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/master 308c39f5a -> e75a5c1ad


Cleanup of some of the Tomcat session stuff


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/72a1b9cb
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/72a1b9cb
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/72a1b9cb

Branch: refs/heads/master
Commit: 72a1b9cb62157768b575926f0a97448e3b959a7d
Parents: 4373b96
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Wed Oct 1 10:02:48 2014 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Wed Oct 1 10:02:48 2014 +0100

----------------------------------------------------------------------
 .../cxf/fediz/tomcat/FederationAuthenticator.java     | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/72a1b9cb/plugins/tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
----------------------------------------------------------------------
diff --git a/plugins/tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
b/plugins/tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
index 40d0538..9b741f1 100644
--- a/plugins/tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
+++ b/plugins/tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
@@ -217,6 +217,14 @@ public class FederationAuthenticator extends FormAuthenticator {
             HttpSession httpSession = request.getSession(false);
             String uri = request.getRequestURI();
             if (httpSession != null && uri.equals(contextName + logoutUrl)) {
+                Session session = request.getSessionInternal();
+                
+                // Cleanup session
+                if (session != null) {
+                    session.removeNote(FEDERATION_NOTE);
+                    session.setPrincipal(null);
+                    request.getSession().removeAttribute(SECURITY_TOKEN);
+                }
                 httpSession.invalidate();
 
                 FedizProcessor wfProc = 
@@ -319,7 +327,6 @@ public class FederationAuthenticator extends FormAuthenticator {
                     LOG.debug("Token already expired. Clean up and redirect");
 
                     session.removeNote(FEDERATION_NOTE);
-                    session.removeNote(Constants.FORM_PRINCIPAL_NOTE);
                     session.setPrincipal(null);
                     request.getSession().removeAttribute(SECURITY_TOKEN);
 
@@ -355,10 +362,13 @@ public class FederationAuthenticator extends FormAuthenticator {
                 LOG.debug("Restore request from session '"
                         + session.getIdInternal() + "'");
             }
+            
+            // Get principal from session, register, and then remove it
             principal = (Principal)session.getNote(Constants.FORM_PRINCIPAL_NOTE);
             register(request, response, principal,
                     FederationConstants.WSFED_METHOD, null, null);
-
+            request.removeNote(Constants.FORM_PRINCIPAL_NOTE);
+            
             if (restoreRequest(request, session)) {
                 if (LOG.isDebugEnabled()) {
                     LOG.debug("Proceed to restored request");


Mime
View raw message