From 6db9a3faccc51ba862f4365d812b3b6c3dbd1331 Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Thu, 30 Apr 2009 05:21:54 +0000 Subject: [PATCH] Minor debugging optimizations. --- .../HttpSessionSecurityContextRepository.java | 8 +++++--- .../context/SecurityContextPersistenceFilter.java | 14 ++++++++++---- 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java b/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java index 91f7518226..80f218f6db 100644 --- a/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java +++ b/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java @@ -116,8 +116,10 @@ public class HttpSessionSecurityContextRepository implements SecurityContextRepo * @param httpSession the session obtained from the request. */ private SecurityContext readSecurityContextFromSession(HttpSession httpSession) { + final boolean debug = logger.isDebugEnabled(); + if (httpSession == null) { - if (logger.isDebugEnabled()) { + if (debug) { logger.debug("No HttpSession currently exists"); } @@ -129,7 +131,7 @@ public class HttpSessionSecurityContextRepository implements SecurityContextRepo Object contextFromSession = httpSession.getAttribute(SPRING_SECURITY_CONTEXT_KEY); if (contextFromSession == null) { - if (logger.isDebugEnabled()) { + if (debug) { logger.debug("HttpSession returned null object for SPRING_SECURITY_CONTEXT"); } @@ -153,7 +155,7 @@ public class HttpSessionSecurityContextRepository implements SecurityContextRepo contextFromSession = cloneContext(contextFromSession); } - if (logger.isDebugEnabled()) { + if (debug) { logger.debug("Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: '" + contextFromSession + "'"); } diff --git a/web/src/main/java/org/springframework/security/web/context/SecurityContextPersistenceFilter.java b/web/src/main/java/org/springframework/security/web/context/SecurityContextPersistenceFilter.java index bac9fcf3e4..1d21884b67 100644 --- a/web/src/main/java/org/springframework/security/web/context/SecurityContextPersistenceFilter.java +++ b/web/src/main/java/org/springframework/security/web/context/SecurityContextPersistenceFilter.java @@ -16,8 +16,9 @@ import org.springframework.security.web.SpringSecurityFilter; /** * Populates the {@link SecurityContextHolder} with information obtained from * the configured {@link SecurityContextRepository} prior to the request and stores it back in the repository - * once the request has completed. By default it uses an {@link HttpSessionSecurityContextRepository}. See this - * class for information HttpSession related configuration options. + * once the request has completed and clearing the context holder. By default it uses an + * {@link HttpSessionSecurityContextRepository}. See this class for information HttpSession related + * configuration options. *

* This filter will only execute once per request, to resolve servlet container (specifically Weblogic) * incompatibilities. @@ -55,11 +56,16 @@ public class SecurityContextPersistenceFilter extends SpringSecurityFilter { return; } + final boolean debug = logger.isDebugEnabled(); + request.setAttribute(FILTER_APPLIED, Boolean.TRUE); if (forceEagerSessionCreation) { HttpSession session = request.getSession(); - logger.debug("Eagerly created session: " + session.getId()); + + if (debug && session.isNew()) { + logger.debug("Eagerly created session: " + session.getId()); + } } HttpRequestResponseHolder holder = new HttpRequestResponseHolder(request, response); @@ -77,7 +83,7 @@ public class SecurityContextPersistenceFilter extends SpringSecurityFilter { repo.saveContext(contextAfterChainExecution, holder.getRequest(), holder.getResponse()); request.removeAttribute(FILTER_APPLIED); - if (logger.isDebugEnabled()) { + if (debug) { logger.debug("SecurityContextHolder now cleared, as request processing completed"); } }