[jboss-jira] [JBoss JIRA] (ELY-1819) The logout handler registration should be reworked

Ashley Abdel-Sayed (Jira) issues at jboss.org
Wed Aug 7 16:46:00 EDT 2019 

     [ https://issues.jboss.org/browse/ELY-1819?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ashley Abdel-Sayed updated ELY-1819:
------------------------------------
    Comment: was deleted

(was: [~dlofthouse] When taking a closer look at implementing this with the logout handler as a Consumer<HttpServerScopes> and the logoutHandlerConsumer as a Consumer<Consumer<HttpServerScopes>>, I can't see how the scope would be passed in as an argument to the logout handler. When I create the logout handler, as such; 
`Consumer<HttpServerScopes> logoutHandler = serverScope -> serverScope.getScope(Scope.SESSION).setAttachment(AUTHENTICATED_IDENTITY_KEY, null);`
I don't see a way to specify the serverScope without calling ```logoutHandler.accept(scope);``` but the logoutHandlerConsumer.accept() needs to take in a logoutHandler (previously runnable, now Consumer<HttpServerScope>. It doesn't seem like this implementation allows us to pass in the scope.  
)


> The logout handler registration should be reworked
> --------------------------------------------------
>
>                 Key: ELY-1819
>                 URL: https://issues.jboss.org/browse/ELY-1819
>             Project: WildFly Elytron
>          Issue Type: Bug
>          Components: HTTP
>            Reporter: Darran Lofthouse
>            Assignee: Ashley Abdel-Sayed
>            Priority: Major
>             Fix For: 1.9.2.CR1
>
>
> Presently the logout handler is just a Runnable, the problem with this is if it needs any state it means a lambda or an instance of a class tends to be needed to hold the state e.g.
> {noformat}
>     private void setupProgramaticLogout(HttpScope sessionScope) {
>         logoutHandlerConsumer.accept(() -> {
>             sessionScope.setAttachment(AUTHENTICATED_IDENTITY_KEY, null);
>         });
>     }
> {noformat}
> It would likely be better for the logout handler to be able to request the scope it needs so maybe pass in the 'org.wildfly.security.http.HttpServerScopes' at the very least.



--
This message was sent by Atlassian Jira
(v7.12.1#712002)

More information about the jboss-jira mailing list