Apache
/
archiva
mirror of https://github.com/apache/archiva.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

throw an exception int he secure action code when the session is null, telling the interceptor to deny access 

git-svn-id: https://svn.apache.org/repos/asf/maven/archiva/trunk@446712 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jesse McConnell 2006-09-15 20:03:12 +00:00
parent bceb4898ea
commit 1ef65b87ed
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java
View File

@ -190,9 +190,14 @@ public class UserManagementAction
bundle.setRequiresAuthentication( true ); bundle.setRequiresAuthentication( true );
bundle.requiresAuthorization( "edit-all-users", Resource.GLOBAL); bundle.requiresAuthorization( "edit-all-users", Resource.GLOBAL);
SecuritySession securitySession = (SecuritySession) session.get( SecuritySession.ROLE ); SecuritySession securitySession = (SecuritySession) session.get( SecuritySession.ROLE );
if ( securitySession == null )
{
throw new SecureActionException( "no session, not authenticated, not allowed access" );
}
User user = securitySession.getUser(); User user = securitySession.getUser();
if ( user != null ) if ( user != null )