shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian Demers (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SHIRO-546) DefaultWebSessionManager onStart might produce nullPointer Exception
Date Thu, 07 Jul 2016 19:44:11 GMT

    [ https://issues.apache.org/jira/browse/SHIRO-546?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15366657#comment-15366657
] 

Brian Demers commented on SHIRO-546:
------------------------------------

And reopen if you are still seeing this.

> DefaultWebSessionManager onStart might produce nullPointer Exception
> --------------------------------------------------------------------
>
>                 Key: SHIRO-546
>                 URL: https://issues.apache.org/jira/browse/SHIRO-546
>             Project: Shiro
>          Issue Type: Bug
>          Components: Session Management
>    Affects Versions: 1.2.4
>            Reporter: Ariel Isaac
>              Labels: easyfix, newbie, patch
>   Original Estimate: 25m
>  Remaining Estimate: 25m
>
> DefaultWebSessionManager#onStart() when you get the HttpServletRequest it might be null
a throw a null pointer exception so it might need a little validation 
> from
> {code}   @Override
>     protected void onStart(Session session, SessionContext context) {
>         super.onStart(session, context);
>         if (!WebUtils.isHttp(context)) {
>             log.debug("SessionContext argument is not HTTP compatible or does not have
an HTTP request/response " +
>                     "pair. No session ID cookie will be set.");
>             return;
>         }
>         HttpServletRequest request = WebUtils.getHttpRequest(context);
>         HttpServletResponse response = WebUtils.getHttpResponse(context);
>         if (isSessionIdCookieEnabled()) {
>             Serializable sessionId = session.getId();
>             storeSessionId(sessionId, request, response);
>         } else {
>             log.debug("Session ID cookie is disabled.  No cookie has been set for new
session with id {}", session.getId());
>         }
>         request.removeAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE);
>         request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_IS_NEW, Boolean.TRUE);
>     }{code}
> to 
> {code}    @Override
>     protected void onStart(Session session, SessionContext context) {
>         super.onStart(session, context);
>         if (!WebUtils.isHttp(context)) {
>             log.debug("SessionContext argument is not HTTP compatible or does not have
an HTTP request/response " +
>                     "pair. No session ID cookie will be set.");
>             return;
>         }
>         HttpServletRequest request = WebUtils.getHttpRequest(context);
>         HttpServletResponse response = WebUtils.getHttpResponse(context);
>         if (isSessionIdCookieEnabled()) {
>             Serializable sessionId = session.getId();
>             storeSessionId(sessionId, request, response);
>         } else {
>             log.debug("Session ID cookie is disabled.  No cookie has been set for new
session with id {}", session.getId());
>         }
>         if (request != null) {
>             request.removeAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE);
>             request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_IS_NEW, Boolean.TRUE);
>         }
>         
>     }{code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message