[jboss-jira] [JBoss JIRA] (ELY-1819) The logout handler registration should be reworked
[
https://issues.jboss.org/browse/ELY-1819?page=com.atlassian.jira.plugin.s...
]
Ashley Abdel-Sayed commented on ELY-1819:
-----------------------------------------
[~dlofthouse] When taking a closer look at implementing this with the logout handler as a
{{Consumer<HttpServerScopes>}} and the {{logoutHandlerConsumer}} as a
{{Consumer<Consumer<HttpServerScopes>>}}, I can't see how the scope would
be passed in as an argument to the logout handler. In {{setupProgramaticLogout}}, when I
create the logout handler, as such;
{code:java}
Consumer<HttpServerScopes> logoutHandler = serverScope ->
serverScope.getScope(Scope.SESSION).setAttachment(AUTHENTICATED_IDENTITY_KEY, null);
{code}
I don't see a way to specify the {{HttpServerScope}} argument without calling
{{logoutHandler.accept(HttpServerScope);}} but we would only want to pass in the
{{logoutHandler}} with the scope specified to
{{logoutHandlerConsumer.accept(Consumer<HttpServerScopes>)}} not execute
{{logoutHandler.accept(HttpServerScope);}}
The logout handler registration should be reworked
--------------------------------------------------
Key: ELY-1819
URL: https://issues.jboss.org/browse/ELY-1819
Project: WildFly Elytron
Issue Type: Bug
Components: HTTP
Reporter: Darran Lofthouse
Assignee: Ashley Abdel-Sayed
Priority: Major
Fix For: 1.9.2.CR1
Presently the logout handler is just a Runnable, the problem with this is if it needs any
state it means a lambda or an instance of a class tends to be needed to hold the state
e.g.
{noformat}
private void setupProgramaticLogout(HttpScope sessionScope) {
logoutHandlerConsumer.accept(() -> {
sessionScope.setAttachment(AUTHENTICATED_IDENTITY_KEY, null);
});
}
{noformat}
It would likely be better for the logout handler to be able to request the scope it needs
so maybe pass in the 'org.wildfly.security.http.HttpServerScopes' at the very
least.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)