diff --git a/changelog.txt b/changelog.txt index 2552b0b975..3666e1a10f 100644 --- a/changelog.txt +++ b/changelog.txt @@ -8,6 +8,7 @@ Changes in version 0.7 (2004-xx-xx) * Added AuthenticationProcessingFilter.setDetails for use by subclasses * Refactored MethodDefinitionSource to work with Method, not MethodInvocation * Refactored AbstractSecurityInterceptor to better support other AOP libraries +* Fixed AbstractProcessingFitler to use removeAttribute (JRun compatibility) * Moved MethodSecurityInterceptor to ...intercept.method.aopalliance package * Documentation improvements diff --git a/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java b/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java index 9ca30de7e7..7c6baef44a 100644 --- a/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java +++ b/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java @@ -330,8 +330,7 @@ public abstract class AbstractProcessingFilter implements Filter, httpRequest.getSession().setAttribute(ACEGI_SECURITY_LAST_EXCEPTION_KEY, failed); - httpRequest.getSession().setAttribute(HttpSessionIntegrationFilter.ACEGI_SECURITY_AUTHENTICATION_KEY, - null); + httpRequest.getSession().removeAttribute(HttpSessionIntegrationFilter.ACEGI_SECURITY_AUTHENTICATION_KEY); httpResponse.sendRedirect(httpResponse.encodeRedirectURL(httpRequest .getContextPath() + failureUrl)); @@ -347,8 +346,7 @@ public abstract class AbstractProcessingFilter implements Filter, authResult); String targetUrl = (String) httpRequest.getSession().getAttribute(ACEGI_SECURITY_TARGET_URL_KEY); - httpRequest.getSession().setAttribute(ACEGI_SECURITY_TARGET_URL_KEY, - null); + httpRequest.getSession().removeAttribute(ACEGI_SECURITY_TARGET_URL_KEY); if (targetUrl == null) { targetUrl = httpRequest.getContextPath() + defaultTargetUrl;