Prevent NPE in AuthenticationManager.backchannelLogout (#23306)

Previously, if the user was already removed from the userSession
and the log level was set to DEBUG, then an NPE was triggered by
the debug log statement during backchannelLogout.

Fixes #23306
This commit is contained in:
Thomas Darimont 2023-09-17 22:13:35 +02:00 committed by Alexander Schwartz
parent f684a70048
commit 04d16ed170

View file

@ -288,7 +288,8 @@ public class AuthenticationManager {
if (logger.isDebugEnabled()) {
UserModel user = userSession.getUser();
logger.debugv("Logging out: {0} ({1}) offline: {2}", user.getUsername(), userSession.getId(),
String username = user == null ? null : user.getUsername();
logger.debugv("Logging out: {0} ({1}) offline: {2}", username, userSession.getId(),
userSession.isOffline());
}