Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-27 22:32:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-761: HttpSessionContextIntegrationFilter.contextObject should be created in afterPropertiesSet(), not the constructor

Browse Source 
http://jira.springframework.org/browse/SEC-761. Added call to generateNewContext() in the afterPropertiesSet() method to take account of custom security context classes.
This commit is contained in:
Luke Taylor 2008-04-22 21:51:12 +00:00
parent 1ae167434a
commit 63decfeb93
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java
View File

@ -180,6 +180,8 @@ public class HttpSessionContextIntegrationFilter extends SpringSecurityFilter im
throw new IllegalArgumentException( throw new IllegalArgumentException(
"If using forceEagerSessionCreation, you must set allowSessionCreation to also be true"); "If using forceEagerSessionCreation, you must set allowSessionCreation to also be true");
} }
contextObject = generateNewContext();
} }
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain) public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)