myfaces-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d...@apache.org
Subject svn commit: r1680197 - /myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java
Date Tue, 19 May 2015 07:47:50 GMT
Author: deki
Date: Tue May 19 07:47:49 2015
New Revision: 1680197

URL: http://svn.apache.org/r1680197
Log:
TOBAGO-1466: No need to force session creation for secret check

Modified:
    myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java

Modified: myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java?rev=1680197&r1=1680196&r2=1680197&view=diff
==============================================================================
--- myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java
(original)
+++ myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/Secret.java
Tue May 19 07:47:49 2015
@@ -81,14 +81,16 @@ public final class Secret implements Ser
   public static boolean check(final FacesContext facesContext) {
     final Map requestParameterMap = facesContext.getExternalContext().getRequestParameterMap();
     final String fromRequest = (String) requestParameterMap.get(Secret.KEY);
-    final Object session = facesContext.getExternalContext().getSession(true);
-    final Secret secret;
-    if (session instanceof HttpSession) {
-      secret = (Secret) ((HttpSession) session).getAttribute(Secret.KEY);
-    } else if (PortletUtils.isPortletApiAvailable() && session instanceof PortletSession)
{
-      secret = (Secret) ((PortletSession) session).getAttribute(Secret.KEY, PortletSession.APPLICATION_SCOPE);
-    } else {
-      throw new IllegalArgumentException("Unknown session type: " + session);
+    final Object session = facesContext.getExternalContext().getSession(false);
+    Secret secret = null;
+    if (session!=null) {
+      if (session instanceof HttpSession) {
+        secret = (Secret) ((HttpSession) session).getAttribute(Secret.KEY);
+      } else if (PortletUtils.isPortletApiAvailable() && session instanceof PortletSession)
{
+        secret = (Secret) ((PortletSession) session).getAttribute(Secret.KEY, PortletSession.APPLICATION_SCOPE);
+      } else {
+        throw new IllegalArgumentException("Unknown session type: " + session);
+      }
     }
     return secret != null && secret.secret.equals(fromRequest);
   }



Mime
View raw message