Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Issue #1224 

This reverts commit 3d35484dc7 and provides different solution.
This commit is contained in:
Jan Bartel 2017-01-09 12:07:29 +11:00
parent 04a2777603
commit 69babbf38c
2 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SessionAuthentication.java
View File

@ -80,20 +80,16 @@ public class SessionAuthentication extends AbstractUserAuthentication implements
if (_session!=null && _session.getAttribute(__J_AUTHENTICATED)!=null)
_session.removeAttribute(__J_AUTHENTICATED);
doLogout(null);
doLogout();
}
private void doLogout(HttpSessionBindingEvent event)
private void doLogout()
{
SecurityHandler security=SecurityHandler.getCurrentSecurityHandler();
if (security!=null)
security.logout(this);
//if we were called by an unbind event, it means the session is invalid
//so don't try and remove the attribute
if (_session!=null && event == null)
{
if (_session!=null)
_session.removeAttribute(Session.SESSION_CREATED_SECURE);
}
}
@Override
@ -129,7 +125,7 @@ public class SessionAuthentication extends AbstractUserAuthentication implements
@Override
public void valueUnbound(HttpSessionBindingEvent event)
{
doLogout(event);
doLogout();
}
}

8
jetty-server/src/main/java/org/eclipse/jetty/server/session/Session.java
View File

@ -605,9 +605,12 @@ public class Session implements SessionHandler.SessionIf
{
checkLocked();
if (_state != State.VALID)
if (_state == State.INVALID)
throw new IllegalStateException("Not valid for write: id="+_sessionData.getId()+" created="+_sessionData.getCreated()+" accessed="+_sessionData.getAccessed()+" lastaccessed="+_sessionData.getLastAccessed()+" maxInactiveMs="+_sessionData.getMaxInactiveMs()+" expiry="+_sessionData.getExpiry());
if (_state == State.INVALIDATING)
return; //in the process of being invalidated, listeners may try to remove attributes
if (!isResident())
throw new IllegalStateException("Not valid for write: id="+_sessionData.getId()+" not resident");
}
@ -626,6 +629,9 @@ public class Session implements SessionHandler.SessionIf
if (_state == State.INVALID)
throw new IllegalStateException("Invalid for read: id="+_sessionData.getId()+" created="+_sessionData.getCreated()+" accessed="+_sessionData.getAccessed()+" lastaccessed="+_sessionData.getLastAccessed()+" maxInactiveMs="+_sessionData.getMaxInactiveMs()+" expiry="+_sessionData.getExpiry());
if (_state == State.INVALIDATING)
return;
if (!isResident())
throw new IllegalStateException("Invalid for read: id="+_sessionData.getId()+" not resident");
}