Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-28 14:52:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1521: Add check for null SecurityContextRepository and clarify related docs on use of null implementation (NullSecurityContextRepository).

Browse Source
This commit is contained in:
Luke Taylor 2010-07-23 15:59:53 +01:00
parent e659e15f90
commit d7d8448120
2 changed files with 13 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/manual/src/docbook/core-filters.xml
View File

@ -248,10 +248,11 @@ class="org.springframework.security.web.context.SecurityContextPersistenceFilter
</bean> </bean>
</property> </property>
</bean> </bean>
]]></programlisting> Alternatively you could provide a null implementation of the ]]></programlisting> Alternatively you could provide an instance of
<interfacename>SecurityContextRepository</interfacename> interface, which will <classname>NullSecurityContextRepository</classname>, a <quote><link
prevent the security context from being stored, even if a session has already been xlink:href="http://en.wikipedia.org/wiki/Null_Object_pattern">null object</link></quote>
created during the request. </para> implementation, which will prevent the security context from being stored, even if a
session has already been created during the request. </para>
</section> </section>
</section> </section>
<section xml:id="form-login-filter"> <section xml:id="form-login-filter">

2
web/src/main/java/org/springframework/security/web/context/SecurityContextPersistenceFilter.java
View File

@ -12,6 +12,7 @@ import javax.servlet.http.HttpSession;
import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.util.Assert;
import org.springframework.web.filter.GenericFilterBean; import org.springframework.web.filter.GenericFilterBean;
/** /**
@ -92,6 +93,7 @@ public class SecurityContextPersistenceFilter extends GenericFilterBean {
} }
public void setSecurityContextRepository(SecurityContextRepository repo) { public void setSecurityContextRepository(SecurityContextRepository repo) {
Assert.notNull(repo, "SecurityContextRepository cannot be null");
this.repo = repo; this.repo = repo;
} }