Skip to content
Browse files

Changed to allow usage with systems using Session Fixation fixes foll…

…owing a login
  • Loading branch information...
1 parent 1775ae9 commit 5f3700670cf4933be1b0886a10dc473463127cfa @Gleeble Gleeble committed
View
4 ...boss/src/main/java/org/jasig/cas/client/jboss/authentication/WebAuthenticationFilter.java
@@ -48,7 +48,7 @@
* the service defined for the {@link org.jasig.cas.client.jaas.CasLoginModule}.
*
* @author Daniel Fisher
- * @author Marvin S. Addison
+ * @author Marvin S. Addison
* @version $Revision$
* @since 3.1.11
*/
@@ -71,7 +71,7 @@ public void doFilter(final ServletRequest servletRequest, final ServletResponse
if (request.getUserPrincipal() instanceof AssertionPrincipal) {
final AssertionPrincipal principal = (AssertionPrincipal) request.getUserPrincipal();
log.debug("Installing CAS assertion into session.");
- session.setAttribute(CONST_CAS_ASSERTION, principal.getAssertion());
+ request.getSession().setAttribute(CONST_CAS_ASSERTION, principal.getAssertion());
} else {
log.debug("Aborting -- principal is not of type AssertionPrincipal");
throw new GeneralSecurityException("JBoss Web authentication did not produce CAS AssertionPrincipal.");

0 comments on commit 5f37006

Please sign in to comment.
Something went wrong with that request. Please try again.