ashibhardwaj commented on code in PR #18259:
URL: https://github.com/apache/druid/pull/18259#discussion_r2304053556
##########
extensions-core/druid-pac4j/src/main/java/org/apache/druid/security/pac4j/Pac4jSessionStore.java:
##########
@@ -96,37 +102,103 @@ public void set(WebContext context, String key, @Nullable
Object value)
Object profile = value;
Cookie cookie;
- if (value == null) {
- cookie = new Cookie(PAC4J_SESSION_PREFIX + key, null);
+ // Check if value is null, empty string, or empty collection
+ boolean isEmpty = value == null ||
Review Comment:
No, it wouldn't be an exception case - that's actually the intended
behavior. If the value doesn't match any of the "empty-able" types being
checked (null, empty String, empty Collection, empty Map), then isEmpty will be
false and the code will proceed to store the value normally in the else block.
This makes sense for pac4j sessions because most stored objects are things
like CommonProfiles or other custom objects that should be preserved even if
they don't fall into those specific empty-checkable categories. The
serializeToBytes method can handle any Serializable object, so we only need to
explicitly check for the common "empty" cases where we want to clear the cookie
instead of storing it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
