Author: snoopdave
Date: Wed Oct 3 06:45:54 2007
New Revision: 581598
URL: http://svn.apache.org/viewvc?rev=581598&view=rev
Log:
If we've got a principal but no user object, then attempt to get user
object from user manager but *only* do this if we have been bootstrapped
because under an SSO scenario we may have a principal even before we
have been bootstrapped.
Modified:
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/RollerSession.java
Modified:
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/RollerSession.java
URL:
http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/RollerSession.java?rev=581598&r1=581597&r2=581598&view=diff
==============================================================================
---
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/RollerSession.java
(original)
+++
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/RollerSession.java
Wed Oct 3 06:45:54 2007
@@ -64,21 +64,30 @@
HttpSession session = request.getSession(false);
if (session != null) {
rollerSession =
(RollerSession)session.getAttribute(ROLLER_SESSION);
+
if (rollerSession == null) {
// HttpSession with no RollerSession?
// Must be a session that was de-serialized from a previous
run.
rollerSession = new RollerSession();
session.setAttribute(ROLLER_SESSION, rollerSession);
}
+
Principal principal = request.getUserPrincipal();
- if (rollerSession.getAuthenticatedUser() == null && principal !=
null) {
+
+ // If we've got a principal but no user object, then attempt to get
+ // user object from user manager but *only* do this if we have
been
+ // bootstrapped because under an SSO scenario we may have a
+ // principal even before we have been bootstrapped.
+ if (rollerSession.getAuthenticatedUser() == null && principal !=
null && WebloggerFactory.isBootstrapped()) {
try {
+
UserManager umgr =
WebloggerFactory.getWeblogger().getUserManager();
User user = umgr.getUserByUserName(principal.getName());
// try one time to auto-provision, only happens if
user==null
// which means installation has SSO-enabled in security.xml
- if(user == null &&
WebloggerConfig.getBooleanProperty("users.sso.autoProvision.enabled")) {
+ if (user == null &&
WebloggerConfig.getBooleanProperty("users.sso.autoProvision.enabled")) {
+
// provisioning enabled, get provisioner and execute
AutoProvision provisioner =
RollerContext.getAutoProvision();
if(provisioner != null) {
@@ -90,9 +99,10 @@
}
}
// only set authenticated user if user is enabled
- if(user != null && user.getEnabled().booleanValue()) {
+ if (user != null && user.getEnabled().booleanValue()) {
rollerSession.setAuthenticatedUser(user);
}
+
} catch (WebloggerException e) {
log.error("ERROR: getting user object",e);
}
