KEYCLOAK-9847 Checking user cache for being not null before using it

This commit is contained in:
mduchrow 2019-04-28 19:15:30 +02:00 committed by Hynek Mlnařík
parent 76a6e82173
commit c80531dfa7

View file

@ -22,6 +22,7 @@ import org.keycloak.common.enums.SslRequired;
import org.keycloak.component.ComponentModel;
import org.keycloak.models.*;
import org.keycloak.models.cache.CachedRealmModel;
import org.keycloak.models.cache.UserCache;
import org.keycloak.models.cache.infinispan.entities.CachedRealm;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.client.ClientStorageProvider;
@ -1437,19 +1438,25 @@ public class RealmAdapter implements CachedRealmModel {
public void executeEvictions(ComponentModel model) {
if (model == null) return;
// If not realm component, check to see if it is a user storage provider child component (i.e. LDAP mapper)
if (model.getParentId() != null && !model.getParentId().equals(getId())) {
ComponentModel parent = getComponent(model.getParentId());
if (parent != null && UserStorageProvider.class.getName().equals(parent.getProviderType())) {
session.userCache().evict(this);
}
return;
// if user cache is disabled this is null
UserCache userCache = session.userCache();
if (userCache != null) {
// If not realm component, check to see if it is a user storage provider child component (i.e. LDAP mapper)
if (model.getParentId() != null && !model.getParentId().equals(getId())) {
ComponentModel parent = getComponent(model.getParentId());
if (parent != null && UserStorageProvider.class.getName().equals(parent.getProviderType())) {
userCache.evict(this);
}
return;
}
// invalidate entire user cache if we're dealing with user storage SPI
if (UserStorageProvider.class.getName().equals(model.getProviderType())) {
userCache.evict(this);
}
}
// invalidate entire user cache if we're dealing with user storage SPI
if (UserStorageProvider.class.getName().equals(model.getProviderType())) {
session.userCache().evict(this);
}
// invalidate entire realm if we're dealing with client storage SPI
// entire realm because of client roles, client lists, and clients
if (ClientStorageProvider.class.getName().equals(model.getProviderType())) {