On Oct 15, 2012, at 12:41 PM, Gina Choi <[email protected]> wrote:
> Hi Dan,
>
> Thanks for your response. If we look at
> org.apache.cxf.fediz.example.SecurityTokenThreadLocal.java class, I only see
> get and set method. I could directly call TLS.remove() to unset the token,
> but should we have a remove method inside SecurityTokenThreadLocal.java
> class?
Most likely yes. In addition, I would recommend that the set method be
changed to:
if (token == null) {
TLS.remove();
} else {
TLS.set(token);
}
Dan
>
>
> public final class SecurityTokenThreadLocal {
>
> private static final ThreadLocal<Element> TLS =
> new ThreadLocal<Element>() {
> };
>
> private SecurityTokenThreadLocal() {
> }
>
> public static void setToken(Element token) {
> TLS.set(token);
> }
>
> public static Element getToken() {
> return TLS.get();
> }
>
>
> }
>
> Gina
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/Fediz-SSO-Do-we-need-to-unset-token-tp5716524p5716675.html
> Sent from the cxf-user mailing list archive at Nabble.com.
--
Daniel Kulp
[email protected] - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
