[MMBASE SCM] r42078 - didactor/trunk/components/core/src/main/java/nl/didactor/security

Mon, 03 May 2010 04:34:56 -0700 

Author: michiel
Date: 2010-04-29 15:50:23 +0200 (Thu, 29 Apr 2010)
New Revision: 42078

Modified:
   
didactor/trunk/components/core/src/main/java/nl/didactor/security/Authentication.java
Log:
removed eduaction caching in session, it's more trouble than worth it

Modified: 
didactor/trunk/components/core/src/main/java/nl/didactor/security/Authentication.java
===================================================================
--- 
didactor/trunk/components/core/src/main/java/nl/didactor/security/Authentication.java
       2010-04-29 13:42:35 UTC (rev 42077)
+++ 
didactor/trunk/components/core/src/main/java/nl/didactor/security/Authentication.java
       2010-04-29 13:50:23 UTC (rev 42078)
@@ -114,7 +114,6 @@
         HttpSession session = request == null ? null : 
request.getSession(false);
         if (session != null) {
             
session.removeAttribute(nl.didactor.filter.ProviderFilter.USER_KEY);
-            
session.removeAttribute(nl.didactor.filter.ProviderFilter.EDUCATION_KEY);
             String loginComponent = 
(String)session.getAttribute("didactor-logincomponent");
             if (loginComponent != null) {
                 for (AuthenticationComponent ac : securityComponents) {
@@ -153,11 +152,21 @@
     @Override
     public org.mmbase.security.UserContext login(String application, Map 
loginInfo, Object[] parameters) throws org.mmbase.security.SecurityException {
 
+        HttpServletRequest request = loginInfo == null ? null : 
(HttpServletRequest) loginInfo.get(Parameter.REQUEST.getName());
+        if (request != null) {
+            HttpSession session = request.getSession(false);
+            if (session != null) {
+                log.info("Removing keys from session");
+                
session.removeAttribute(nl.didactor.filter.ProviderFilter.USER_KEY);
+            }
+        }
+
         // Always allow anonymous access instantly
         if ("anonymous".equals(application)) {
             log.trace("Anonymous application: returning anonymous cloud ");
             if (loginInfo != null && 
Boolean.TRUE.equals(loginInfo.get("logout"))) {
-                logout((HttpServletRequest) 
loginInfo.get(Parameter.REQUEST.getName()),
+
+                logout(request,
                        (HttpServletResponse) 
loginInfo.get(Parameter.RESPONSE.getName())
                        );
             }
@@ -215,11 +224,9 @@
 
         }
 
-        HttpServletRequest request = null;
         HttpServletResponse response = null;
         Rank desiredRank = null;
         if (loginInfo != null) {
-            request = (HttpServletRequest) 
loginInfo.get(Parameter.REQUEST.getName());
             response = (HttpServletResponse) 
loginInfo.get(Parameter.RESPONSE.getName());
             desiredRank = (Rank) loginInfo.get("rank");
         }
@@ -266,6 +273,8 @@
             map = new HashMap();
             session.setAttribute(PARAMETERS_KEY, map);
         }
+        //
+        session.removeAttribute(nl.didactor.filter.ProviderFilter.USER_KEY);
         map.putAll(request.getParameterMap());
         map.putAll(loginInfo);
 

_______________________________________________
Cvs mailing list
[email protected]
http://lists.mmbase.org/mailman/listinfo/cvs

Reply via email to