GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

SEC-484: Fix for NPE concurreny issue. Also reinstated synchronized on registerNewSession (had removed it for testing).

1.0.x
Luke Taylor 19 years ago
parent
aa4ee54f86
commit
ad43d433b4
1 changed files with 7 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 10
      core/src/main/java/org/acegisecurity/concurrent/SessionRegistryImpl.java

10
core/src/main/java/org/acegisecurity/concurrent/SessionRegistryImpl.java
Unescape View File

@ -79,6 +79,10 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener @@ -79,6 +79,10 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener
String sessionId = (String) iter.next();
SessionInformation sessionInformation = getSessionInformation(sessionId);
if (sessionInformation == null) {
continue;
}
if (includeExpiredSessions || !sessionInformation.isExpired()) {
list.add(sessionInformation);
}
@ -111,7 +115,7 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener @@ -111,7 +115,7 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener
}
}
public void registerNewSession(String sessionId, Object principal) {
public synchronized void registerNewSession(String sessionId, Object principal) {
Assert.hasText(sessionId, "SessionId required as per interface contract");
Assert.notNull(principal, "Principal required as per interface contract");
@ -143,7 +147,7 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener @@ -143,7 +147,7 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener
if (info != null) {
if (logger.isDebugEnabled()) {
logger.debug("Removing " + sessionId + " from set of registered sessions");
logger.debug("Removing session " + sessionId + " from set of registered sessions");
}
sessionIds.remove(sessionId);
@ -152,7 +156,7 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener @@ -152,7 +156,7 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener
if (sessionsUsedByPrincipal != null) {
synchronized (sessionsUsedByPrincipal) {
if (logger.isDebugEnabled()) {
logger.debug("Removing " + sessionId + " from principal's set of registered sessions");
logger.debug("Removing session " + sessionId + " from principal's set of registered sessions");
}
sessionsUsedByPrincipal.remove(sessionId);

Write Preview
Loading…
Cancel
Save