Shiro
  1. Shiro
  2. SHIRO-38

Update JavaDoc for return type of SecurityUtils.getSubject()

    Details

    • Type: Task Task
    • Status: Closed
    • Priority: Trivial Trivial
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      From JavaDoc for SecurityUtils.getSubject() it is not clear what returns this method if nobody is logged in. Does it return null? or some default Subject? From Subject class documentation (getPrincipal method) I would expect that SecurityUtils.getSubject() returns some default Subject, but simple tests shows that it is not true - it returns null.
      So I would change it like this:
      @return the currently accessible <tt>Subject</tt> accessible to the calling code or null if .... (actually when?)

        Activity

        Hide
        Les Hazlewood added a comment -

        Closing all resolved issues due to a successful 1.0.0-incubating release

        Show
        Les Hazlewood added a comment - Closing all resolved issues due to a successful 1.0.0-incubating release
        Hide
        Les Hazlewood added a comment -

        I've updated the JavaDoc as well as made the code throw an IllegalStateException in the event that the method can't find the (required) SecurityManager instance. This would be an invalid configuration since the caller of SecurityUtils.getSubject() should always receive a Subject instance representing the currently executing subject, even if it is an anonymous Subject.

        Show
        Les Hazlewood added a comment - I've updated the JavaDoc as well as made the code throw an IllegalStateException in the event that the method can't find the (required) SecurityManager instance. This would be an invalid configuration since the caller of SecurityUtils.getSubject() should always receive a Subject instance representing the currently executing subject, even if it is an anonymous Subject.
        Hide
        Grzegorz Borkowski added a comment -

        From what I see now in SecurityUtils code, I see that this method will return null if no SecurityManager or Subject is registered in ThreadContext or as VM-singleton SecurityManager - so probably this information should be put in javadoc.

        Show
        Grzegorz Borkowski added a comment - From what I see now in SecurityUtils code, I see that this method will return null if no SecurityManager or Subject is registered in ThreadContext or as VM-singleton SecurityManager - so probably this information should be put in javadoc.

          People

          • Assignee:
            Les Hazlewood
            Reporter:
            Grzegorz Borkowski
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development