GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

SEC-761: HttpSessionContextIntegrationFilter.contextObject should be created in afterPropertiesSet(), not the constructor 

http://jira.springframework.org/browse/SEC-761. Added call to generateNewContext() in the afterPropertiesSet() method to take account of custom security context classes.
2.0.x
Luke Taylor 18 years ago
parent
1ae167434a
commit
63decfeb93
1 changed files with 2 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java

2
core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java
Unescape View File

@ -180,6 +180,8 @@ public class HttpSessionContextIntegrationFilter extends SpringSecurityFilter im
throw new IllegalArgumentException( throw new IllegalArgumentException(
"If using forceEagerSessionCreation, you must set allowSessionCreation to also be true"); "If using forceEagerSessionCreation, you must set allowSessionCreation to also be true");
} }
contextObject = generateNewContext();
} }
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain) public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)

Write Preview
Loading…
Cancel
Save