From 0e5c6632e49e880b33d9e82338bc2a2b819330a2 Mon Sep 17 00:00:00 2001 From: Arjan Tijms Date: Mon, 18 Mar 2024 21:24:18 +0100 Subject: [PATCH] Mapper instance should not be cached in the policy, as per comment Signed-off-by: Arjan Tijms --- .../glassfish/exousia/modules/def/DefaultPolicy.java | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/impl/src/main/java/org/glassfish/exousia/modules/def/DefaultPolicy.java b/impl/src/main/java/org/glassfish/exousia/modules/def/DefaultPolicy.java index 4b75a96..2ec7d3d 100644 --- a/impl/src/main/java/org/glassfish/exousia/modules/def/DefaultPolicy.java +++ b/impl/src/main/java/org/glassfish/exousia/modules/def/DefaultPolicy.java @@ -65,7 +65,7 @@ public boolean impliesByRole(Permission permissionToBeChecked, Subject subject) // Note that these are obtained for the current (application) context ID, and this policy could potentially // be used for multiple context IDs. Therefore these objects should not be cached as instance data of this policy. PolicyConfiguration policyConfiguration = getPolicyConfigurationFactory().getPolicyConfiguration(); - PrincipalMapper roleMapper = getRoleMapper(); + PrincipalMapper roleMapper = PolicyContext.get(PRINCIPAL_MAPPER); if (!roleMapper.isAnyAuthenticatedUserRoleMapped() && !subject.getPrincipals().isEmpty()) { // The "any authenticated user" role is not mapped, so available to anyone and the current @@ -93,7 +93,7 @@ public PermissionCollection getPermissionCollection(Subject subject) { Permissions permissions = new Permissions(); PolicyConfiguration policyConfiguration = getPolicyConfigurationFactory().getPolicyConfiguration(); - PrincipalMapper roleMapper = getRoleMapper(); + PrincipalMapper roleMapper = PolicyContext.get(PRINCIPAL_MAPPER); PermissionCollection excludedPermissions = policyConfiguration.getExcludedPermissions(); @@ -125,14 +125,6 @@ private PolicyConfigurationFactory getPolicyConfigurationFactory() { return policyConfigurationFactory; } - private PrincipalMapper getRoleMapper() { - if (principalMapper == null) { - principalMapper = PolicyContext.get(PRINCIPAL_MAPPER); - } - - return principalMapper; - } - private boolean isExcluded(PermissionCollection excludedPermissions, Permission permission) { if (excludedPermissions.implies(permission)) { return true;