ElytronSessionTokenStore#logoutHttpSessions() does not work as expected due to UNDERTOW-2159 (#16501)

Closes #16465
This commit is contained in:
rmartinc 2023-01-19 19:52:29 +01:00 committed by GitHub
parent 7d6e22bedd
commit 3b6dc5152e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -220,35 +220,41 @@ public class ElytronSessionTokenStore implements ElytronTokeStore, UserSessionMa
HttpServerExchange exchange = ProtectedHttpServerExchange.class.cast(httpFacade.getScope(Scope.EXCHANGE).getAttachment(UNDERTOW_EXCHANGE)).getExchange(); HttpServerExchange exchange = ProtectedHttpServerExchange.class.cast(httpFacade.getScope(Scope.EXCHANGE).getAttachment(UNDERTOW_EXCHANGE)).getExchange();
ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY); ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
SessionManager sessionManager = servletRequestContext.getDeployment().getSessionManager(); SessionManager sessionManager = servletRequestContext.getDeployment().getSessionManager();
final boolean isDistributableSessionManager = sessionManager.getClass().getName().equals("org.wildfly.clustering.web.undertow.session.DistributableSessionManager");
for (String id : ids) { for (String id : ids) {
// TODO: Workaround for WFLY-3345. Remove this once we fix KEYCLOAK-733. Same applies to legacy wildfly adapter. // TODO: Workaround for WFLY-3345. Remove this once we fix KEYCLOAK-733. Same applies to legacy wildfly adapter.
Session session = sessionManager.getSession(null, new SessionConfig() { Session session;
if (isDistributableSessionManager) {
session = sessionManager.getSession(exchange, new SessionConfig() {
@Override @Override
public void setSessionId(HttpServerExchange exchange, String sessionId) { public void setSessionId(HttpServerExchange exchange, String sessionId) {
} }
@Override @Override
public void clearSession(HttpServerExchange exchange, String sessionId) { public void clearSession(HttpServerExchange exchange, String sessionId) {
} }
@Override @Override
public String findSessionId(HttpServerExchange exchange) { public String findSessionId(HttpServerExchange exchange) {
return id; return id;
} }
@Override @Override
public SessionCookieSource sessionCookieSource(HttpServerExchange exchange) { public SessionCookieSource sessionCookieSource(HttpServerExchange exchange) {
return null; return null;
} }
@Override @Override
public String rewriteUrl(String originalUrl, String sessionId) { public String rewriteUrl(String originalUrl, String sessionId) {
return null; return null;
} }
}); });
} else {
session = sessionManager.getSession(id);
}
if (session != null) { if (session != null) {
session.invalidate(exchange); session.invalidate(exchange);