[jira] [Resolved] (SHIRO-344) runAs feature doesn't work

Les Hazlewood (JIRA) Sat, 21 Jul 2012 18:02:37 -0700

     [ 
https://issues.apache.org/jira/browse/SHIRO-344?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Les Hazlewood resolved SHIRO-344.
---------------------------------

    Resolution: Fixed
      Assignee: Les Hazlewood

The final fix was to handle this in the DelegatingSubject implementation 
directly.

The updates to DefaultSubjectDAO were not necessary because the merge logic in 
that class ensures that the fields in the Subject instance would be saved in 
the session if not already saved.  The runAsPrincipals now always reside in the 
Session so that isn't necessary.

Please try out 1.2.1-SNAPSHOT or 1.3.0-SNAPSHOT and let us know if you have any 
problems!  If you do, feel free to reopen this issue and leave comments as to 
why it didn't work for you (the DelegatingSubjectTest class is more robust on 
its runAs tests, so we should be ok).
                
> runAs feature doesn't work
> --------------------------
>
>                 Key: SHIRO-344
>                 URL: https://issues.apache.org/jira/browse/SHIRO-344
>             Project: Shiro
>          Issue Type: Bug
>          Components: Realms 
>    Affects Versions: 1.2.0
>            Reporter: yourik
>            Assignee: Les Hazlewood
>              Labels: principal,, shiro,, subject
>             Fix For: 1.2.1, 1.3.0
>
>         Attachments: SubjectDAO.java
>
>
> Right after SecurityUtils.getSubject().runAs(new new 
> SimplePrincipalCollection(){...})
> SecurityUtils.getSubject().getPrincipal() returns correct new Principal
> SecurityUtils.getSubject()..getPreviousPrincipals() returns correct original 
> Principal
> but DefaultSubjectDAO merge principals in method
> protected void mergePrincipals(Subject subject) {
>   PrincipalCollection currentPrincipals = subject.getPrincipals();
>   ...
>   if (session == null) {
>   ...
>   } else {
>     PrincipalCollection existingPrincipals = (PrincipalCollection) 
> session.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY);
>     if (CollectionUtils.isEmpty(currentPrincipals)) {
>       ...
>     } else {
>        if (!currentPrincipals.equals(existingPrincipals)) {
>             
> session.setAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY, 
> currentPrincipals);
>       }
>    }
> }
> and after that
> SecurityUtils.getSubject().getPrincipal() and 
> SecurityUtils.getSubject().getPreviousPrincipals() both returns new Principal 
> - this is wrong behavior

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Resolved] (SHIRO-344) runAs feature doesn't work

Reply via email to