diff --git a/jetty-openid/src/main/java/org/eclipse/jetty/security/openid/OpenIdAuthenticator.java b/jetty-openid/src/main/java/org/eclipse/jetty/security/openid/OpenIdAuthenticator.java index a88f9b5f127..727b5a2c352 100644 --- a/jetty-openid/src/main/java/org/eclipse/jetty/security/openid/OpenIdAuthenticator.java +++ b/jetty-openid/src/main/java/org/eclipse/jetty/security/openid/OpenIdAuthenticator.java @@ -521,22 +521,30 @@ public class OpenIdAuthenticator extends LoginAuthenticator Map csrfMap = (Map)session.getAttribute(CSRF_MAP); if (csrfMap == null) { - // Create a custom Map so we can only have a limited number of request URIs saved. - csrfMap = new LinkedHashMap<>() - { - private static final int MAX_SIZE = 64; - - @Override - protected boolean removeEldestEntry(Map.Entry eldest) - { - return size() > MAX_SIZE; - } - }; + csrfMap = new MRUMap(64); session.setAttribute(CSRF_MAP, csrfMap); } return csrfMap; } + private static class MRUMap extends LinkedHashMap + { + private static final long serialVersionUID = 5375723072014233L; + + private final int _size; + + private MRUMap(int size) + { + _size = size; + } + + @Override + protected boolean removeEldestEntry(Map.Entry eldest) + { + return size() > _size; + } + } + private static class UriRedirectInfo implements Serializable { private static final long serialVersionUID = 139567755844461433L;