[jira] [Commented] (SHIRO-380) runAs feature (still) doesn't work

Tue, 07 Aug 2012 11:02:11 -0700 

    [ 
https://issues.apache.org/jira/browse/SHIRO-380?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13430485#comment-13430485
 ] 

Les Hazlewood commented on SHIRO-380:
-------------------------------------

Thanks for the update Jochen, and the sample app.  Hopefully we can use this to 
create more test cases beyond the ones we already have.

Do you know how the behavior differs from the DelegatingSubjectTest testRunAs() 
test case (other than the web scenario)?

http://svn.apache.org/repos/asf/shiro/trunk/core/src/test/java/org/apache/shiro/subject/DelegatingSubjectTest.java
                
> runAs feature (still) doesn't work
> ----------------------------------
>
>                 Key: SHIRO-380
>                 URL: https://issues.apache.org/jira/browse/SHIRO-380
>             Project: Shiro
>          Issue Type: Bug
>          Components: Realms 
>    Affects Versions: 1.2.1
>            Reporter: Jochen Munz
>            Assignee: Les Hazlewood
>              Labels: principal,, shiro,, subject
>         Attachments: shiro_380_webapp.tgz
>
>
> Right after SecurityUtils.getSubject().runAs(new new 
> SimplePrincipalCollection(){...})
> SecurityUtils.getSubject().getPrincipal() returns correct new Principal
> SecurityUtils.getSubject()..getPreviousPrincipals() returns correct original 
> Principal
> but DefaultSubjectDAO merge principals in method
> protected void mergePrincipals(Subject subject) {
>   PrincipalCollection currentPrincipals = subject.getPrincipals();
>   ...
>   if (session == null) {
>   ...
>   } else {
>     PrincipalCollection existingPrincipals = (PrincipalCollection) 
> session.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY);
>     if (CollectionUtils.isEmpty(currentPrincipals)) {
>       ...
>     } else {
>        if (!currentPrincipals.equals(existingPrincipals)) {
>             
> session.setAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY, 
> currentPrincipals);
>       }
>    }
> }
> and after that
> SecurityUtils.getSubject().getPrincipal() and 
> SecurityUtils.getSubject().getPreviousPrincipals() both returns new Principal 
> - this is wrong behavior

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to