Issue Details (XML | Word | Printable)

Key: APF-741
Type: Bug Bug
Status: Resolved Resolved
Resolution: Fixed
Priority: Major Major
Assignee: Matt Raible
Reporter: Matt Raible
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
AppFuse

UserCounterListener doesn't add logged in users on Jetty

Created: 27/Apr/07 02:24 PM   Updated: 30/Apr/07 02:31 AM   Resolved: 27/Apr/07 02:33 PM
Component/s: Web - General
Affects Version/s: 2.0-M4
Fix Version/s: 2.0-M5



Matt Raible added a comment - 27/Apr/07 02:25 PM
Fix:

    public void attributeAdded(HttpSessionBindingEvent event) {
        if (event.getName().equals(EVENT_KEY) && !isAnonymous()) {
            SecurityContext securityContext = (SecurityContext) event.getValue();
            User user = (User) securityContext.getAuthentication().getPrincipal();
            addUsername(user);
        // Workaround for Jetty bug (http://www.nabble.com/current-user-count-incorrect-tf3550268.html#a9919134)
        } else if (event.getName().equals(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY)) {
            String username = (String) event.getValue();
            User user = new User(username);
            addUsername(user);
        }
    }

2653 by  Matt Raible (1 file)
27/Apr/07 02:31 PM (39 months, 15 days ago)
APF-741: template path should be relative to classpath so everything works with "jetty:run"
appfuse: trunk/web/common/src/main/webapp/common/menu.jsp 2653 history download (+1 -1) diffs

Matt Raible made changes - 27/Apr/07 02:33 PM
Field Original Value New Value
Resolution Fixed [ 1 ]
Status Open [ 1 ] Resolved [ 5 ]
2654 by  Matt Raible (1 file)
27/Apr/07 02:33 PM (39 months, 15 days ago)
Alexander Maslov added a comment - 30/Apr/07 02:31 AM
I do not think it is Jetty's bug.
org.acegisecurity.context.HttpSessionContextIntegrationFilter sets attribute ACEGI_SECURITY_CONTEXT_KEY first for anonymous user and attributeAdded is fired.
After authentification org.acegisecurity.context.HttpSessionContextIntegrationFilter sets the this attribute with the SAME OBJECT ,some ...SecurityContext don not remember now (with internal data changed of course). But Jetty does not fire attributeReplaces because Jetty uses equal() method to compare new and old values. But ACEGI_SECURITY_CONTEXT_KEY is the same object, so equal() returns TRUE. As a result this setAttribute ignored.
Spec does not say how exactly implementation should work with attributes, but for me jetty's behavior looks quite normal.

thx for the fix (just do not like that comment "// Workaround for Jetty bug ", of course it's subjective )