diff --git a/sandbox/portlet/src/main/java/org/acegisecurity/context/PortletSessionContextIntegrationInterceptor.java b/sandbox/portlet/src/main/java/org/acegisecurity/context/PortletSessionContextIntegrationInterceptor.java index b2ea1008d5..08c59b60e4 100644 --- a/sandbox/portlet/src/main/java/org/acegisecurity/context/PortletSessionContextIntegrationInterceptor.java +++ b/sandbox/portlet/src/main/java/org/acegisecurity/context/PortletSessionContextIntegrationInterceptor.java @@ -223,14 +223,6 @@ public class PortletSessionContextIntegrationInterceptor private boolean preHandle(PortletRequest request, PortletResponse response, Object handler) throws Exception { - // make sure the holder is clear - if (SecurityContextHolder.getContext() != null) { - if (logger.isWarnEnabled()) - logger.warn("SecurityContextHolder should have been null but contained: '" - + SecurityContextHolder.getContext() + "'; setting to null now"); - SecurityContextHolder.clearContext(); - } - PortletSession portletSession = null; boolean portletSessionExistedAtStartOfRequest = false; diff --git a/sandbox/portlet/src/main/java/org/acegisecurity/providers/portlet/PortletAuthenticationProvider.java b/sandbox/portlet/src/main/java/org/acegisecurity/providers/portlet/PortletAuthenticationProvider.java index 6f8fa92148..cc4879f27f 100644 --- a/sandbox/portlet/src/main/java/org/acegisecurity/providers/portlet/PortletAuthenticationProvider.java +++ b/sandbox/portlet/src/main/java/org/acegisecurity/providers/portlet/PortletAuthenticationProvider.java @@ -17,6 +17,7 @@ package org.acegisecurity.providers.portlet; import java.security.Principal; +import java.util.Map; import javax.portlet.PortletRequest; @@ -130,19 +131,26 @@ public class PortletAuthenticationProvider // build the resulting successful authentication token PortletAuthenticationToken result = new PortletAuthenticationToken( user, authentication.getCredentials(), user.getAuthorities()); + result.setAuthenticated(true); // see if the detail property on the request is the PortletRequest if (authentication.getDetails() instanceof PortletRequest) { - // place the USER_INFO map into the details property of the result + // if available, place the USER_INFO map into the details property of the result PortletRequest request = (PortletRequest)authentication.getDetails(); - result.setDetails(request.getAttribute(PortletRequest.USER_INFO)); + Map userInfo = null; + try { + userInfo = (Map)request.getAttribute(PortletRequest.USER_INFO); + } catch (Exception e) { + logger.warn("unable to retrieve USER_INFO map from portlet request", e); + } + result.setDetails(userInfo); } else { // copy any other details information forward result.setDetails(authentication.getDetails()); } if (logger.isDebugEnabled()) - logger.debug("portlet authentication succeeded: " + authentication); + logger.debug("portlet authentication succeeded: " + result); return result; } diff --git a/sandbox/portlet/src/main/java/org/acegisecurity/ui/portlet/PortletProcessingInterceptor.java b/sandbox/portlet/src/main/java/org/acegisecurity/ui/portlet/PortletProcessingInterceptor.java index 97eb5fa674..e90f30f99a 100644 --- a/sandbox/portlet/src/main/java/org/acegisecurity/ui/portlet/PortletProcessingInterceptor.java +++ b/sandbox/portlet/src/main/java/org/acegisecurity/ui/portlet/PortletProcessingInterceptor.java @@ -206,7 +206,12 @@ public class PortletProcessingInterceptor implements // last try entries in USER_INFO if any attributes were defined if (this.userNameAttributes != null) { - Map userInfo = (Map)request.getAttribute(PortletRequest.USER_INFO); + Map userInfo = null; + try { + userInfo = (Map)request.getAttribute(PortletRequest.USER_INFO); + } catch (Exception e) { + logger.warn("unable to retrieve USER_INFO map from portlet request", e); + } if (userInfo != null) { Iterator i = this.userNameAttributes.iterator(); while(i.hasNext()) {