Re: [PR] KNOX-3217: Upgrade pac4j to 6.3.0 for JDK17 [knox]

Thu, 04 Dec 2025 03:38:22 -0800 


moresandeep commented on code in PR #1110:
URL: https://github.com/apache/knox/pull/1110#discussion_r2588658924


##########
gateway-provider-security-pac4j/pom.xml:
##########
@@ -28,6 +28,19 @@
     <name>gateway-provider-security-pac4j</name>
     <description>An extension of the gateway integrating pac4j as an 
authentication provider.</description>
 
+    <repositories>
+        <repository>

Review Comment:
   Why do we need to add shibboleth repo?



##########
gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jIdentityAdapter.java:
##########
@@ -84,13 +89,18 @@ public void doFilter(ServletRequest servletRequest, 
ServletResponse servletRespo
 
     final HttpServletRequest request = (HttpServletRequest) servletRequest;
     final HttpServletResponse response = (HttpServletResponse) servletResponse;
-    final JEEContext context = new JEEContext(request, response, 
((Config)request.getAttribute(PAC4J_CONFIG)).getSessionStore());
-    final ProfileManager<CommonProfile> manager = new 
ProfileManager<>(context);
-    final Optional<CommonProfile> optional = manager.get(true);
+    final JEEContext context = new JEEContext(request, response);
+    Config pac4jConfig = ((Config)request.getAttribute(PAC4J_CONFIG));
+    FrameworkParameters frameworkParameters = new 
JEEFrameworkParameters(request, response);
+    SessionStore sessionStore = 
pac4jConfig.getSessionStoreFactory().newSessionStore(frameworkParameters);
+    final ProfileManager manager = new ProfileManager(context, sessionStore);
+    final Optional<UserProfile> optional = manager.getProfile();
     if (optional.isPresent()) {
-      CommonProfile profile = optional.get();
+      UserProfile profile = optional.get();
       logger.debug("User authenticated as: {}", profile);
-      manager.remove(true);
+      //manager.removeProfiles(); would only work if session existed, but our 
session store does not support sessions

Review Comment:
   Let's remove the commented out line.



##########
gateway-provider-security-pac4j/pom.xml:
##########
@@ -28,6 +28,19 @@
     <name>gateway-provider-security-pac4j</name>
     <description>An extension of the gateway integrating pac4j as an 
authentication provider.</description>
 
+    <repositories>
+        <repository>

Review Comment:
   I found my answer at the bottom :) 



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to