Improve CMS start up and status reporting.

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / auth / CmsAuthUtils.java

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java b/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java
index 711edba2f013b925d088889b7489a9bab9616b75..396af9343f48d74a3933c503b7437d6003c959ba 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java
@@ -34,8 +34,8 @@ class CmsAuthUtils {
        // Standard
        final static String SHARED_STATE_NAME = AuthenticatingUser.SHARED_STATE_NAME;
        final static String SHARED_STATE_PWD = AuthenticatingUser.SHARED_STATE_PWD;
-       final static String HEADER_AUTHORIZATION = "Authorization";
-       final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
+//     final static String HEADER_AUTHORIZATION = "Authorization";
+//     final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
 
        // Argeo specific
        final static String SHARED_STATE_HTTP_REQUEST = "org.argeo.cms.auth.http.request";
@@ -135,8 +135,7 @@ class CmsAuthUtils {
                // TODO move it to a service in order to avoid static synchronization
                if (request != null) {
                        RemoteAuthSession httpSession = request.getSession();
-                       assert httpSession != null;
-                       String httpSessId = httpSession.getId();
+                       String httpSessId = httpSession != null ? httpSession.getId() : null;
                        boolean anonymous = authorization.getName() == null;
                        String remoteUser = !anonymous ? authorization.getName() : CmsConstants.ROLE_ANONYMOUS;
                        request.setAttribute(RemoteAuthRequest.REMOTE_USER, remoteUser);