bonampak commented on code in PR #1110:
URL: https://github.com/apache/knox/pull/1110#discussion_r2589082611
##########
gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jIdentityAdapter.java:
##########
@@ -84,13 +89,18 @@ public void doFilter(ServletRequest servletRequest,
ServletResponse servletRespo
final HttpServletRequest request = (HttpServletRequest) servletRequest;
final HttpServletResponse response = (HttpServletResponse) servletResponse;
- final JEEContext context = new JEEContext(request, response,
((Config)request.getAttribute(PAC4J_CONFIG)).getSessionStore());
- final ProfileManager<CommonProfile> manager = new
ProfileManager<>(context);
- final Optional<CommonProfile> optional = manager.get(true);
+ final JEEContext context = new JEEContext(request, response);
+ Config pac4jConfig = ((Config)request.getAttribute(PAC4J_CONFIG));
+ FrameworkParameters frameworkParameters = new
JEEFrameworkParameters(request, response);
+ SessionStore sessionStore =
pac4jConfig.getSessionStoreFactory().newSessionStore(frameworkParameters);
+ final ProfileManager manager = new ProfileManager(context, sessionStore);
+ final Optional<UserProfile> optional = manager.getProfile();
if (optional.isPresent()) {
- CommonProfile profile = optional.get();
+ UserProfile profile = optional.get();
logger.debug("User authenticated as: {}", profile);
- manager.remove(true);
+ //manager.removeProfiles(); would only work if session existed, but our
session store does not support sessions
Review Comment:
done
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
