import javax.naming.ldap.LdapName;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
import org.argeo.api.NodeConstants;
import org.argeo.api.cms.CmsSession;
}
@SuppressWarnings("unused")
- synchronized static void registerSessionAuthorization(HttpServletRequest request, Subject subject,
+ synchronized static void registerSessionAuthorization(HttpRequest request, Subject subject,
Authorization authorization, Locale locale) {
// synchronized in order to avoid multiple registrations
// TODO move it to a service in order to avoid static synchronization
if (request != null) {
- HttpSession httpSession = request.getSession(false);
+ HttpSession httpSession = request.getSession();
assert httpSession != null;
String httpSessId = httpSession.getId();
boolean anonymous = authorization.getName() == null;