Shiro
  1. Shiro
  2. SHIRO-380

runAs feature (still) doesn't work

    Details

      Description

      Right after SecurityUtils.getSubject().runAs(new new SimplePrincipalCollection()

      {...}

      )

      SecurityUtils.getSubject().getPrincipal() returns correct new Principal
      SecurityUtils.getSubject()..getPreviousPrincipals() returns correct original Principal

      but DefaultSubjectDAO merge principals in method

      protected void mergePrincipals(Subject subject) {
      PrincipalCollection currentPrincipals = subject.getPrincipals();
      ...
      if (session == null)

      { ... }

      else {
      PrincipalCollection existingPrincipals = (PrincipalCollection) session.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY);
      if (CollectionUtils.isEmpty(currentPrincipals))

      { ... }

      else {
      if (!currentPrincipals.equals(existingPrincipals))

      { session.setAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY, currentPrincipals); }

      }
      }

      and after that
      SecurityUtils.getSubject().getPrincipal() and SecurityUtils.getSubject().getPreviousPrincipals() both returns new Principal - this is wrong behavior

      1. shiro_380_webapp.tgz
        4 kB
        Jochen Munz
      2. SHIRO-380-patch1.diff
        3 kB
        Elijah Korneckis

        Issue Links

          Activity

          Jochen Munz created issue -
          Jochen Munz made changes -
          Field Original Value New Value
          Link This issue is a clone of SHIRO-344 [ SHIRO-344 ]
          Jochen Munz made changes -
          Affects Version/s 1.2.1 [ 12319511 ]
          Affects Version/s 1.2.0 [ 12315478 ]
          Fix Version/s 1.3.0 [ 12317961 ]
          Fix Version/s 1.2.1 [ 12319511 ]
          Jochen Munz made changes -
          Attachment shiro_380_webapp.tgz [ 12539664 ]
          Elijah Korneckis made changes -
          Attachment SHIRO-380-patch1.diff [ 12539882 ]
          Les Hazlewood made changes -
          Status Open [ 1 ] Resolved [ 5 ]
          Fix Version/s 1.2.2 [ 12323469 ]
          Fix Version/s 1.3.0 [ 12317961 ]
          Resolution Fixed [ 1 ]
          Les Hazlewood made changes -
          Status Resolved [ 5 ] Closed [ 6 ]

            People

            • Assignee:
              Les Hazlewood
              Reporter:
              Jochen Munz
            • Votes:
              2 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development