shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Les Hazlewood (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SHIRO-380) runAs feature (still) doesn't work
Date Tue, 07 Aug 2012 18:02:10 GMT

    [ https://issues.apache.org/jira/browse/SHIRO-380?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13430485#comment-13430485
] 

Les Hazlewood commented on SHIRO-380:
-------------------------------------

Thanks for the update Jochen, and the sample app.  Hopefully we can use this to create more
test cases beyond the ones we already have.

Do you know how the behavior differs from the DelegatingSubjectTest testRunAs() test case
(other than the web scenario)?

http://svn.apache.org/repos/asf/shiro/trunk/core/src/test/java/org/apache/shiro/subject/DelegatingSubjectTest.java
                
> runAs feature (still) doesn't work
> ----------------------------------
>
>                 Key: SHIRO-380
>                 URL: https://issues.apache.org/jira/browse/SHIRO-380
>             Project: Shiro
>          Issue Type: Bug
>          Components: Realms 
>    Affects Versions: 1.2.1
>            Reporter: Jochen Munz
>            Assignee: Les Hazlewood
>              Labels: principal,, shiro,, subject
>         Attachments: shiro_380_webapp.tgz
>
>
> Right after SecurityUtils.getSubject().runAs(new new SimplePrincipalCollection(){...})
> SecurityUtils.getSubject().getPrincipal() returns correct new Principal
> SecurityUtils.getSubject()..getPreviousPrincipals() returns correct original Principal
> but DefaultSubjectDAO merge principals in method
> protected void mergePrincipals(Subject subject) {
>   PrincipalCollection currentPrincipals = subject.getPrincipals();
>   ...
>   if (session == null) {
>   ...
>   } else {
>     PrincipalCollection existingPrincipals = (PrincipalCollection) session.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY);
>     if (CollectionUtils.isEmpty(currentPrincipals)) {
>       ...
>     } else {
>        if (!currentPrincipals.equals(existingPrincipals)) {
>             session.setAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY, currentPrincipals);
>       }
>    }
> }
> and after that
> SecurityUtils.getSubject().getPrincipal() and SecurityUtils.getSubject().getPreviousPrincipals()
both returns new Principal - this is wrong behavior

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message