Merge pull request 'Restored session existance check before OIDC/UMA ticket related checks' (#9) from mauro.mugnaini/threadlocal-vars-cleaner:master into master

Reviewed-on: gCubeSystem/threadlocal-vars-cleaner#9
2021-05-03 11:33:16 +02:00 · 2021-05-03 11:33:16 +02:00 · 5f066da115
parent d1ce7ef5c9 99b38ef4b7
commit 5f066da115
1 changed files with 7 additions and 2 deletions
--- a/src/main/java/org/gcube/portal/threadlocalexec/SmartGearsPortalValve.java
+++ b/src/main/java/org/gcube/portal/threadlocalexec/SmartGearsPortalValve.java
@ -71,10 +71,15 @@ public class SmartGearsPortalValve extends ValveBase {

                    _log.debug("Getting current user");
                    User user = getCurrentUser(request);
+                    // user cannot be null otherwise also the getCurrentUsername(request) returned null username in previous lines
                    _log.debug("Getting current session");
                    HttpSession session = request.getSession(false);
-                    OIDCUmaUtil.checkUMATicketAndProvideInThreadLocal(request, (HttpServletResponse) resp, user,
-                            session, scope);
+                    if (session != null) {
+                        OIDCUmaUtil.checkUMATicketAndProvideInThreadLocal(request, (HttpServletResponse) resp, user,
+                                session, scope);
+                    } else {
+                        _log.debug("Session is null, cannot continue");
+                    }

                    //_log.trace("Security token set OK for " + username + " in scope " + scope);
                }