svn commit: r1102800 - /portals/jetspeed-2/portal/trunk/jetspeed-commons/src/main/java/org/apache/jetspeed/security/JSSubject.java

Fri, 13 May 2011 08:49:04 -0700 

Author: ate
Date: Fri May 13 15:48:42 2011
New Revision: 1102800

URL: http://svn.apache.org/viewvc?rev=1102800&view=rev
Log:
JS2-1183: ensure JSSubject wrapped Subject ThreadLocal is cleared after 
(request) usage

Modified:
    
portals/jetspeed-2/portal/trunk/jetspeed-commons/src/main/java/org/apache/jetspeed/security/JSSubject.java

Modified: 
portals/jetspeed-2/portal/trunk/jetspeed-commons/src/main/java/org/apache/jetspeed/security/JSSubject.java
URL: 
http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-commons/src/main/java/org/apache/jetspeed/security/JSSubject.java?rev=1102800&r1=1102799&r2=1102800&view=diff
==============================================================================
--- 
portals/jetspeed-2/portal/trunk/jetspeed-commons/src/main/java/org/apache/jetspeed/security/JSSubject.java
 (original)
+++ 
portals/jetspeed-2/portal/trunk/jetspeed-commons/src/main/java/org/apache/jetspeed/security/JSSubject.java
 Fri May 13 15:48:42 2011
@@ -27,6 +27,9 @@ package org.apache.jetspeed.security;
  */
 
 import javax.security.auth.*;
+
+import org.apache.jetspeed.util.ServletRequestThreadLocalCleanupCallback;
+
 import java.security.AccessControlContext;
 import java.security.PrivilegedActionException;
 
@@ -37,12 +40,17 @@ public class JSSubject implements java.i
 
     private static final long serialVersionUID = -8308522755600156057L;
 
-    static ThreadLocal threadLocal = 
-        new ThreadLocal();
-    
-    
+    static ThreadLocal threadLocal = new ThreadLocal();
     
     
+    private static void setSubject(Subject subject)
+    {
+        if (threadLocal.get() == null && subject != null)
+        {
+            new ServletRequestThreadLocalCleanupCallback(threadLocal);
+        }
+        threadLocal.set(subject);
+    }
 
     /**
      * Get the <code>Subject</code> associated with the provided
@@ -103,7 +111,7 @@ public class JSSubject implements java.i
        Subject subject = subject1;
        if (subject == null)
                subject = JSSubject.getSubject(null);
-       threadLocal.set(subject);
+       setSubject(subject);
        return Subject.doAs(subject,action);    
     }
 
@@ -139,7 +147,7 @@ public class JSSubject implements java.i
        Subject subject = subject1;
        if (subject == null)
                subject = JSSubject.getSubject(null);
-       threadLocal.set(subject);
+       setSubject(subject);
        if (subject != null)
                return Subject.doAs(subject,action);
        else
@@ -174,7 +182,7 @@ public class JSSubject implements java.i
        Subject subject = subject1;
        if (subject == null)
                subject = JSSubject.getSubject(acc);
-       threadLocal.set(subject);
+       setSubject(subject);
        if (subject != null)
                return Subject.doAsPrivileged(subject,action,acc);
        else
@@ -218,7 +226,7 @@ public class JSSubject implements java.i
        Subject s = subject;
        if (s == null)
                s = JSSubject.getSubject(acc);
-       threadLocal.set(s);
+       setSubject(s);
        if (s != null)
                return Subject.doAsPrivileged(s,action,acc);
        else



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscr...@portals.apache.org
For additional commands, e-mail: jetspeed-dev-h...@portals.apache.org

Reply via email to