Commit 5c57038a authored by michael.simon's avatar michael.simon
Browse files

Change Reqeust attribute setting correctly

parent 25445085
......@@ -99,8 +99,10 @@ public class SecurityFilter implements Filter {
Set<String> roles = convertRoles(roleService.findByUserId(session.getUserId()));
session.setRoles(roles);
if (accessChecker.check(path, roles))
if (accessChecker.check(path, roles)) {
request.setAttribute(USER_ID, session.getUserId());
chain.doFilter(servletRequest, servletResponse);
}
else
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Not allowed");
}
......@@ -149,7 +151,6 @@ public class SecurityFilter implements Filter {
if (accessChecker.check(path, roles)) {
request.setAttribute(ADMIN_USER_ID, adminUser.getId());
request.setAttribute(USER_ID, session.getUserId());
chain.doFilter(request, response);
}
else
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment