svn commit: r1837510 - /tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java

Mon, 06 Aug 2018 05:59:05 -0700 

Author: markt
Date: Mon Aug  6 12:58:29 2018
New Revision: 1837510

URL: http://svn.apache.org/viewvc?rev=1837510&view=rev
Log:
Make logout more robust if the JASPIC subject is unexpectedly unavailable

Modified:
    tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java

Modified: 
tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java?rev=1837510&r1=1837509&r2=1837510&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java 
Mon Aug  6 12:58:29 2018
@@ -1136,19 +1136,17 @@ public abstract class AuthenticatorBase
         if (provider != null) {
             MessageInfo messageInfo = new MessageInfoImpl(request, 
request.getResponse(), true);
             Subject client = (Subject) 
request.getNote(Constants.REQ_JASPIC_SUBJECT_NOTE);
-            if (client == null) {
-                return;
-            }
-
-            ServerAuthContext serverAuthContext;
-            try {
-                ServerAuthConfig serverAuthConfig = 
provider.getServerAuthConfig("HttpServlet",
-                        jaspicAppContextID, CallbackHandlerImpl.getInstance());
-                String authContextID = 
serverAuthConfig.getAuthContextID(messageInfo);
-                serverAuthContext = 
serverAuthConfig.getAuthContext(authContextID, null, null);
-                serverAuthContext.cleanSubject(messageInfo, client);
-            } catch (AuthException e) {
-                
log.debug(sm.getString("authenticator.jaspicCleanSubjectFail"), e);
+            if (client != null) {
+                ServerAuthContext serverAuthContext;
+                try {
+                    ServerAuthConfig serverAuthConfig = 
provider.getServerAuthConfig("HttpServlet",
+                            jaspicAppContextID, 
CallbackHandlerImpl.getInstance());
+                    String authContextID = 
serverAuthConfig.getAuthContextID(messageInfo);
+                    serverAuthContext = 
serverAuthConfig.getAuthContext(authContextID, null, null);
+                    serverAuthContext.cleanSubject(messageInfo, client);
+                } catch (AuthException e) {
+                    
log.debug(sm.getString("authenticator.jaspicCleanSubjectFail"), e);
+                }
             }
         }
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to