Cleanup SessionFixationProtectionStrategy - removed dead code introdu…

…ced when removing deprecations in 6e204ff see spring-projects#2757 see spring-projects#2918
StefanPenndorf · Sep 7, 2016 · 114194d · 114194d
1 parent 37c6605
commit 114194d
Showing 1 changed file with 9 additions and 32 deletions.
diff --git a/...pringframework/security/web/authentication/session/SessionFixationProtectionStrategy.java b/...pringframework/security/web/authentication/session/SessionFixationProtectionStrategy.java
@@ -64,12 +64,6 @@ public class SessionFixationProtectionStrategy extends
 	 */
 	boolean migrateSessionAttributes = true;
 
-	/**
-	 * In the case where the attributes will not be migrated, this field allows a list of
-	 * named attributes which should <em>not</em> be discarded.
-	 */
-	private List<String> retainedAttributes = null;
-
 	/**
 	 * Called to extract the existing attributes from the session, prior to invalidating
 	 * it. If {@code migrateAttributes} is set to {@code false}, only Spring Security
@@ -124,36 +118,19 @@ void transferAttributes(Map<String, Object> attributes, HttpSession newSession)
 
 	@SuppressWarnings("unchecked")
 	private HashMap<String, Object> createMigratedAttributeMap(HttpSession session) {
-		HashMap<String, Object> attributesToMigrate = null;
-
-		if (migrateSessionAttributes || retainedAttributes == null) {
-			attributesToMigrate = new HashMap<String, Object>();
+		HashMap<String, Object> attributesToMigrate = new HashMap<String, Object>();
 
-			Enumeration enumer = session.getAttributeNames();
+		Enumeration enumer = session.getAttributeNames();
 
-			while (enumer.hasMoreElements()) {
-				String key = (String) enumer.nextElement();
-				if (!migrateSessionAttributes && !key.startsWith("SPRING_SECURITY_")) {
-					// Only retain Spring Security attributes
-					continue;
-				}
-				attributesToMigrate.put(key, session.getAttribute(key));
-			}
-		}
-		else {
-			// Only retain the attributes which have been specified in the
-			// retainAttributes list
-			if (!retainedAttributes.isEmpty()) {
-				attributesToMigrate = new HashMap<String, Object>();
-				for (String name : retainedAttributes) {
-					Object value = session.getAttribute(name);
-
-					if (value != null) {
-						attributesToMigrate.put(name, value);
-					}
-				}
+		while (enumer.hasMoreElements()) {
+			String key = (String) enumer.nextElement();
+			if (!migrateSessionAttributes && !key.startsWith("SPRING_SECURITY_")) {
+				// Only retain Spring Security attributes
+				continue;
 			}
+			attributesToMigrate.put(key, session.getAttribute(key));
 		}
+
 		return attributesToMigrate;
 	}