mirror of https://github.com/apache/archiva.git
throw an exception int he secure action code when the session is null, telling the interceptor to deny access
git-svn-id: https://svn.apache.org/repos/asf/maven/archiva/trunk@446712 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
bceb4898ea
commit
1ef65b87ed
|
@ -193,6 +193,11 @@ public class UserManagementAction
|
||||||
|
|
||||||
SecuritySession securitySession = (SecuritySession) session.get( SecuritySession.ROLE );
|
SecuritySession securitySession = (SecuritySession) session.get( SecuritySession.ROLE );
|
||||||
|
|
||||||
|
if ( securitySession == null )
|
||||||
|
{
|
||||||
|
throw new SecureActionException( "no session, not authenticated, not allowed access" );
|
||||||
|
}
|
||||||
|
|
||||||
User user = securitySession.getUser();
|
User user = securitySession.getUser();
|
||||||
|
|
||||||
if ( user != null )
|
if ( user != null )
|
||||||
|
|
Loading…
Reference in New Issue