TouchInstinct
/
java-cas-client
303
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Changed to allow usage with systems using Session Fixation fixes following a login

This commit is contained in:
Adam Swift 2012-04-13 16:39:41 -04:00
parent 1775ae99ec
commit 5f3700670c
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cas-client-integration-jboss/src/main/java/org/jasig/cas/client/jboss/authentication/WebAuthenticationFilter.java
View File

@ -48,7 +48,7 @@ import org.jboss.web.tomcat.security.login.WebAuthentication;
* the service defined for the {@link org.jasig.cas.client.jaas.CasLoginModule}. * the service defined for the {@link org.jasig.cas.client.jaas.CasLoginModule}.
* *
* @author Daniel Fisher * @author Daniel Fisher
* @author Marvin S. Addison * @author Marvin S. Addison
* @version $Revision$ * @version $Revision$
* @since 3.1.11 * @since 3.1.11
*/ */
@ -71,7 +71,7 @@ public final class WebAuthenticationFilter extends AbstractCasFilter {
if (request.getUserPrincipal() instanceof AssertionPrincipal) { if (request.getUserPrincipal() instanceof AssertionPrincipal) {
final AssertionPrincipal principal = (AssertionPrincipal) request.getUserPrincipal(); final AssertionPrincipal principal = (AssertionPrincipal) request.getUserPrincipal();
log.debug("Installing CAS assertion into session."); log.debug("Installing CAS assertion into session.");
session.setAttribute(CONST_CAS_ASSERTION, principal.getAssertion()); request.getSession().setAttribute(CONST_CAS_ASSERTION, principal.getAssertion());
} else { } else {
log.debug("Aborting -- principal is not of type AssertionPrincipal"); log.debug("Aborting -- principal is not of type AssertionPrincipal");
throw new GeneralSecurityException("JBoss Web authentication did not produce CAS AssertionPrincipal."); throw new GeneralSecurityException("JBoss Web authentication did not produce CAS AssertionPrincipal.");